In the Linux kernel, the following vulnerability has been resolved:
ice: Don’t process extts if PTP is disabled
The ice_ptp_extts_event() function can race with ice_ptp_release() and
result in a NULL pointer dereference which leads to a kernel panic.
Panic occurs because the ice_ptp_extts_event() function calls
ptp_clock_event() with a NULL pointer. The ice driver has already
released the PTP clock by the time the interrupt for the next external
timestamp event occurs.
To fix this, modify the ice_ptp_extts_event() function to check the
PTP state and bail early if PTP is not ready.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 22.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws-5.15 | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-azure | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-azure | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-azure-5.15 | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-azure-fde | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-azure-fde-5.15 | < any | UNKNOWN |
git.kernel.org/linus/996422e3230e41468f652d754fefd1bdbcd4604e (6.10-rc7)
git.kernel.org/stable/c/1c4e524811918600683b1ea87a5e0fc2db64fa9b
git.kernel.org/stable/c/996422e3230e41468f652d754fefd1bdbcd4604e
launchpad.net/bugs/cve/CVE-2024-42107
nvd.nist.gov/vuln/detail/CVE-2024-42107
security-tracker.debian.org/tracker/CVE-2024-42107
www.cve.org/CVERecord?id=CVE-2024-42107