CVE-2024-42282

Severity CVSS v4.0:
Pending analysis
Type:
CWE-476 NULL Pointer Dereference
Publication date:
17/08/2024
Last modified:
19/08/2024

Description

In the Linux kernel, the following vulnerability has been resolved:

net: mediatek: Fix potential NULL pointer dereference in dummy net_device handling

Move the freeing of the dummy net_device from mtk_free_dev() to mtk_remove().

Previously, if alloc_netdev_dummy() failed in mtk_probe(), eth->dummy_dev would be NULL. The error path would then call mtk_free_dev(), which in turn called free_netdev() assuming dummy_dev was allocated (but it was not), potentially causing a NULL pointer dereference.

By moving free_netdev() to mtk_remove(), we ensure it's only called when mtk_probe() has succeeded and dummy_dev is fully allocated. This addresses a potential NULL pointer dereference detected by Smatch[1].
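The cleanup ordering described above, as an added userspace model (not the driver's source and not part of the advisory): it counts how often the free helper is handed NULL when the dummy allocation fails, with the free placed in the shared helper versus in the remove path. All `model_*`, `free_dev_*`, `remove_after`, `probe` and `null_frees` names are hypothetical stand-ins for the kernel functions named in the description.

```c
#include <stdio.h>
#include <stdlib.h>

/* Userspace model; every name below is a hypothetical stand-in. */
struct model_netdev { int id; };
struct model_eth { struct model_netdev *dummy_dev; };
static int null_free_calls; /* times the free helper was handed NULL */

/* Stand-in for free_netdev(): a NULL argument is counted, not dereferenced. */
static void model_free_netdev(struct model_netdev *dev)
{
    if (!dev) { null_free_calls++; return; }
    free(dev);
}

/* Before the fix: the shared free helper releases dummy_dev unconditionally. */
static void free_dev_before(struct model_eth *eth) { model_free_netdev(eth->dummy_dev); }

/* After the fix: the shared helper leaves dummy_dev alone... */
static void free_dev_after(struct model_eth *eth) { (void)eth; }
/* ...and only remove, which runs after a successful probe, frees it. */
static void remove_after(struct model_eth *eth) { model_free_netdev(eth->dummy_dev); }

/* Probe model: alloc_fails simulates alloc_netdev_dummy() returning NULL. */
static int probe(struct model_eth *eth, int alloc_fails,
                 void (*free_dev)(struct model_eth *))
{
    eth->dummy_dev = alloc_fails ? NULL : calloc(1, sizeof(*eth->dummy_dev));
    if (!eth->dummy_dev) { free_dev(eth); return -1; } /* error path */
    return 0;
}

/* Runs one probe (plus remove on success); returns the NULL-free count. */
static int null_frees(int alloc_fails, void (*free_dev)(struct model_eth *))
{
    struct model_eth eth = { NULL };
    null_free_calls = 0;
    if (probe(&eth, alloc_fails, free_dev) == 0)
        remove_after(&eth);
    return null_free_calls;
}

int main(void)
{
    printf("failed probe, before fix: %d\n", null_frees(1, free_dev_before));
    printf("failed probe, after fix:  %d\n", null_frees(1, free_dev_after));
    printf("probe ok, then remove:    %d\n", null_frees(0, free_dev_after));
    return 0;
}
```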

Vulnerable products and versions

CPE:
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
From:
6.10 (including)
Up to:
6.10.3 (excluding)