In the Linux kernel, the following vulnerability has been resolved:
net: phy: fix phy_get_internal_delay accessing an empty array
The phy_get_internal_delay function could try to access to an empty
array in the case that the driver is calling phy_get_internal_delay
without defining delay_values and rx-internal-delay-ps or
tx-internal-delay-ps is defined to 0 in the device-tree.
This will lead to "unable to handle kernel NULL pointer dereference at
virtual address 0". To avoid this kernel oops, the test should be delay
>= 0. As there is already delay < 0 test just before, the test could
only be size == 0.
Metrics
Affected Vendors & Products
References
History
Mon, 23 Dec 2024 19:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Linux
Linux linux Kernel |
|
Weaknesses | CWE-476 | |
CPEs | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | |
Vendors & Products |
Linux
Linux linux Kernel |
Fri, 22 Nov 2024 12:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Tue, 05 Nov 2024 10:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
MITRE
Status: PUBLISHED
Assigner: Linux
Published: 2024-05-01T12:54:25.156Z
Updated: 2024-12-19T08:53:18.972Z
Reserved: 2024-02-19T14:20:24.213Z
Link: CVE-2024-27047
Vulnrichment
Updated: 2024-08-02T00:21:05.863Z
NVD
Status : Analyzed
Published: 2024-05-01T13:15:49.930
Modified: 2024-12-23T19:14:13.317
Link: CVE-2024-27047
Redhat