CVE-2024-38584
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-38584
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-38584.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-38584
- Downstream
- Related
- Published
- 2024-06-19T14:15:18Z
- Modified
- 2024-11-21T09:26:24Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
net: ti: icssgprueth: Fix NULL pointer dereference in pruethprobe()
In the pruethprobe() function, if one of the calls to emacphyconnect() fails due to ofphyconnect() returning NULL, then the subsequent call to phyattached_info() will dereference a NULL pointer.
Check the return code of emacphyconnect and fail cleanly if there is an error.
- References
-
- https://git.kernel.org/stable/c/1e1d5bd7f4682e6925dd960aba2a1aa1d93da53a
- https://git.kernel.org/stable/c/5cd17f0e74cb99d209945b9f1f06d411aa667eb1
- https://git.kernel.org/stable/c/b0a82ebabbdc4c307f781bb0e5cd617949a3900d
- https://git.kernel.org/stable/c/b31c7e78086127a7fcaa761e8d336ee855a920c6
- https://security-tracker.debian.org/tracker/CVE-2024-38584
Affected packages
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source