CVE-2024-40928
Severity CVSS v4.0:
Pending analysis
Type:
CWE-476
NULL Pointer Dereference
Publication date:
12/07/2024
Last modified:
19/01/2026
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
net: ethtool: fix the error condition in ethtool_get_phy_stats_ethtool()<br />
<br />
Clang static checker (scan-build) warning:<br />
net/ethtool/ioctl.c:line 2233, column 2<br />
Called function pointer is null (null dereference).<br />
<br />
Return &#39;-EOPNOTSUPP&#39; when &#39;ops->get_ethtool_phy_stats&#39; is NULL to fix<br />
this typo error.
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.6.35 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.9.6 (excluding) |
| cpe:2.3:o:linux:linux_kernel:6.10:rc1:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.10:rc2:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/0dcc53abf58d572d34c5313de85f607cd33fc691
- https://git.kernel.org/stable/c/25504f7fe60058b2a9553a9e424fb7dd9683843e
- https://git.kernel.org/stable/c/6548d543a27449a1a3d8079925de93f5764d6f22
- https://git.kernel.org/stable/c/92196be82a4eb61813833dc62876fd198ae51ab1
- https://git.kernel.org/stable/c/c3ba0557ab2ef15a3663e2fb9b1a3d628a8c3daa
- https://git.kernel.org/stable/c/f9e57e7ca77393b5b7072800370370b02eaad0f8
- https://git.kernel.org/stable/c/0dcc53abf58d572d34c5313de85f607cd33fc691
- https://git.kernel.org/stable/c/6548d543a27449a1a3d8079925de93f5764d6f22
- https://git.kernel.org/stable/c/92196be82a4eb61813833dc62876fd198ae51ab1