CVE-2024-42116 in Linuxinfo

Summary

by MITRE • 07/30/2024

In the Linux kernel, the following vulnerability has been resolved:

igc: fix a log entry using uninitialized netdev

During successful probe, igc logs this:

[ 5.133667] igc 0000:01:00.0 (unnamed net_device) (uninitialized): PHC added
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ The reason is that igc_ptp_init() is called very early, even before register_netdev() has been called. So the netdev_info() call works on a partially uninitialized netdev.

Fix this by calling igc_ptp_init() after register_netdev(), right after the media autosense check, just as in igb. Add a comment, just as in igb.

Now the log message is fine:

[ 5.200987] igc 0000:01:00.0 eth0: PHC added

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Responsible

Linux

Reservation

07/29/2024

Disclosure

07/30/2024

Moderation

revoked

CPE

ready

EPSS

0.00000

KEV

no

Activities

very low

Sources

Interested in the pricing of exploits?

See the underground prices here!