CVE-2026-45874

Source
https://cve.org/CVERecord?id=CVE-2026-45874
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-45874.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-45874
Downstream
Published
2026-05-27T12:15:53.604Z
Modified
2026-07-08T08:02:16.993574178Z
Summary
phy: freescale: imx8qm-hsio: fix NULL pointer dereference
Details

In the Linux kernel, the following vulnerability has been resolved:

phy: freescale: imx8qm-hsio: fix NULL pointer dereference

During the probe the refclkpad pointer is set to NULL if the 'fsl,refclk-pad-mode' property is not defined in the devicetree node. But in imxhsioconfigureclk_pad() this pointer is unconditionally used which could result in a NULL pointer dereference. So check the pointer before to use it.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/45xxx/CVE-2026-45874.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
82c56b6dd24fcdf811f2b47b72e5585c8a79b685
Fixed
a771b386cb6c6e582e7b50f8eeff3347ff887f71
Fixed
dd8b9ba3d9701832cfb5dcefd8b43250df28dbc2
Fixed
8d29e81e9cdec84d4b9acb1736550d35e86c88af
Fixed
4dd5d4c0361af0a3fd24f45c815996abf4429770

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-45874.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.11.0
Fixed
6.12.75
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.14
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
6.19.4

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-45874.json"