CVE-2024-40928

Summary

In the Linux kernel, the following vulnerability has been resolved:

net: ethtool: fix the error condition in ethtool_get_phy_stats_ethtool()

Clang static checker (scan-build) warning: net/ethtool/ioctl.c:line 2233, column 2 Called function pointer is null (null dereference).

Return '-EOPNOTSUPP' when 'ops->get_ethtool_phy_stats' is NULL to fix this typo error.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxc882f2178f22f3740e20a6bd6b8df1c0500301bf < 25504f7fe60058b2a9553a9e424fb7dd9683843eaffected
LinuxLinux72d1c4a07780e24827c29bad203a1167d67181ed < c3ba0557ab2ef15a3663e2fb9b1a3d628a8c3daaaffected
LinuxLinux981c6e178cf333ac9568665e6d786f795f5cb3ad < f9e57e7ca77393b5b7072800370370b02eaad0f8affected
LinuxLinux201ed315f9676809cd5b20a39206e964106d4f27 < 6548d543a27449a1a3d8079925de93f5764d6f22affected
LinuxLinux201ed315f9676809cd5b20a39206e964106d4f27 < 92196be82a4eb61813833dc62876fd198ae51ab1affected
LinuxLinux201ed315f9676809cd5b20a39206e964106d4f27 < 0dcc53abf58d572d34c5313de85f607cd33fc691affected
LinuxLinux6.2affected
LinuxLinux0 < 6.2unaffected
LinuxLinux6.6.35 <= 6.6.*unaffected
LinuxLinux6.9.6 <= 6.9.*unaffected
LinuxLinux6.10 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References