914 matches found
CVE-2024-47666
In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Set phy-enablecompletion only when we wait for it pm8001phycontrol populates the enablecompletion pointer with a stack address, sends a PHYLINKRESET / PHYHARDRESET, waits 300 ms, and returns. The problem arises when...
The vulnerability of the Linux operating system’s kernel component, which allows a hacker to cause a service failure
The vulnerability of the phy component in the Linux operating system’s kernel is related to improper resource locking. Exploiting this vulnerability can allow an attacker to cause a service failure...
CentOS 9 : kernel-5.14.0-513.el9
"The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the kernel-5.14.0-513.el9 build changelog. - In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Fix potential null pointer dereference In...
DEBIAN-CVE-2024-46856
In the Linux kernel, the following vulnerability has been resolved: net: phy: dp83822: Fix NULL pointer dereference on DP83825 devices The probe function is only used for DP83822 and DP83826 PHY, leaving the private data pointer uninitialized for the DP83825 models which causes a NULL pointer...
UBUNTU-CVE-2024-46856
In the Linux kernel, the following vulnerability has been resolved: net: phy: dp83822: Fix NULL pointer dereference on DP83825 devices The probe function is only used for DP83822 and DP83826 PHY, leaving the private data pointer uninitialized for the DP83825 models which causes a NULL pointer...
CVE-2024-46856
Summary of CVE-2024-46856 : In the Linux kernel, the net: phy: dp83822: Fix NULL pointer dereference on DP83825 devices vulnerability was addressed by ensuring all PHY models have a valid private data pointer. The issue arose because probe() was only used for DP83822 and DP83826 PHY, leaving the ...
CVE-2024-46856 net: phy: dp83822: Fix NULL pointer dereference on DP83825 devices
In the Linux kernel, the following vulnerability has been resolved: net: phy: dp83822: Fix NULL pointer dereference on DP83825 devices The probe function is only used for DP83822 and DP83826 PHY, leaving the private data pointer uninitialized for the DP83825 models which causes a NULL pointer...
CVE-2024-46827 wifi: ath12k: fix firmware crash due to invalid peer nss
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix firmware crash due to invalid peer nss Currently, if the access point receives an association request containing an Extended HE Capabilities Information Element with an invalid MCS-NSS, it triggers a firmware...
CVE-2024-46827
The CVE-2024-46827 entry describes a Linux kernel fix for ath12k Wi‑Fi: when an association request contains an Extended HE Capabilities Element with an invalid MCS-NSS, the driver passes a zero peer_nss to firmware, potentially crashing it. The remediation implements validation of peer_nss and f...
CVE-2024-46827 wifi: ath12k: fix firmware crash due to invalid peer nss
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix firmware crash due to invalid peer nss Currently, if the access point receives an association request containing an Extended HE Capabilities Information Element with an invalid MCS-NSS, it triggers a firmware...
Oracle Linux 8 : kernel (ELSA-2024-7000)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-7000 advisory. - wifi: mac80211: Avoid address calculations via out of bounds array indexing Michal Schmidt RHEL-51278 CVE-2024-41071 - protect the fetch of -fdfd in...
kernel: phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP
A NULL pointer dereference flaw was found in the Linux kernel in the phy-omap-usb2 driver. This issue arises when the external PHY used with phy-omap-usb2 does not implement the sendsrp function. If this function is called without proper implementation, it can result in a system crash, especially...
kernel: phylib: fix potential use-after-free
In the Linux kernel, the following vulnerability has been resolved: phylib: fix potential use-after-free Commit bafbdd527d56 "phylib: Add device reset GPIO support" added call to phydeviceresetphydev after the putdevice call in phydetach. The comment before the putdevice call says that the phydev...
CVE-2024-46767
In the Linux kernel, the following vulnerability has been resolved: net: phy: Fix missing ofnodeput for leds The call of ofgetchildbyname will cause refcount incremented for leds, if it succeeds, it should call ofnodeput to decrease it, fix it...
DEBIAN-CVE-2024-46767
In the Linux kernel, the following vulnerability has been resolved: net: phy: Fix missing ofnodeput for leds The call of ofgetchildbyname will cause refcount incremented for leds, if it succeeds, it should call ofnodeput to decrease it, fix it...
CVE-2024-46767
In the Linux kernel, the following vulnerability has been resolved: net: phy: Fix missing ofnodeput for leds The call of ofgetchildbyname will cause refcount incremented for leds, if it succeeds, it should call ofnodeput to decrease it, fix it...
CVE-2024-46767 net: phy: Fix missing of_node_put() for leds
In the Linux kernel, the following vulnerability has been resolved: net: phy: Fix missing ofnodeput for leds The call of ofgetchildbyname will cause refcount incremented for leds, if it succeeds, it should call ofnodeput to decrease it, fix it...
CVE-2024-46767 net: phy: Fix missing of_node_put() for leds
In the Linux kernel, the following vulnerability has been resolved: net: phy: Fix missing ofnodeput for leds The call of ofgetchildbyname will cause refcount incremented for leds, if it succeeds, it should call ofnodeput to decrease it, fix it...
CVE-2024-46767 net: phy: Fix missing of_node_put() for leds
In the Linux kernel, the following vulnerability has been resolved: net: phy: Fix missing ofnodeput for leds The call of ofgetchildbyname will cause refcount incremented for leds, if it succeeds, it should call ofnodeput to decrease it, fix it...
CVE-2024-46767
Technical details about CVE-2024-46767 are not provided in the connected documents. Monitor for updates.