CVE-2024-35891

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-35891

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-35891.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-35891

Downstream

BELL-CVE-2024-35891

DEBIAN-CVE-2024-35891

RHSA-2025:6966

SUSE-SU-2024:2135-1

SUSE-SU-2024:2203-1

SUSE-SU-2024:2973-1

UBUNTU-CVE-2024-35891

USN-6893-1

USN-6893-2

USN-6893-3

USN-6918-1

Related

Published

2024-05-19T09:15:10Z

Modified

2025-08-09T19:01:27Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

net: phy: micrel: Fix potential null pointer dereference

In lan8814getsigrx() and lan8814getsigtx() ptpparseheader() may return NULL as ptpheader due to abnormal packet type or corrupted packet. Fix this bug by adding ptpheader check.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

References

Affected packages