CVE-2024-50097
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Published Nov 5, 2024
Updated: Nov 12, 2024
Summary
CVE-2024-50297: A vulnerability has been identified and addressed in the Linux kernel. On certain platforms, such as i.MX25 and i.MX27, which do not support Precision Time Protocol (PTP), the fec_ptp_save_state() function is unnecessarily called, causing a kernel panic. The issue arises due to the failure of fec_ptp_init() being called on unsupported platforms, which leaves the related members in fep uninitialized. To mitigate this issue, a condition has been added to prevent the unconditional call to fec_ptp_save_state() when PTP is not supported.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Linux Kernel
Affected Vendors
- LINUX