CVE-2024-40928
Description
In the Linux kernel, the following vulnerability has been resolved:

net: ethtool: fix the error condition in ethtool_get_phy_stats_ethtool()

Clang static checker (scan-build) warning:
net/ethtool/ioctl.c:line 2233, column 2
Called function pointer is null (null dereference).

Return '-EOPNOTSUPP' when 'ops->get_ethtool_phy_stats' is NULL to fix this typo error.
Mitigations
Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2024-5363.html
Vendor advisory: alma — https://bugzilla.redhat.com/2297545
Vendor advisory: alma — https://bugzilla.redhat.com/2297542
Vendor advisory: alma — https://bugzilla.redhat.com/2297538
Vendor advisory: alma — https://bugzilla.redhat.com/2297512
Vendor advisory: alma — https://bugzilla.redhat.com/2297056
Vendor advisory: alma — https://bugzilla.redhat.com/2293688
Vendor advisory: alma — https://bugzilla.redhat.com/2293687
Vendor advisory: alma — https://bugzilla.redhat.com/2293686
Vendor advisory: alma — https://bugzilla.redhat.com/2293658
Vendor advisory: alma — https://bugzilla.redhat.com/2293657
Vendor advisory: alma — https://bugzilla.redhat.com/2293441
Vendor advisory: alma — https://bugzilla.redhat.com/2293418
Vendor advisory: alma — https://bugzilla.redhat.com/2293208
Vendor advisory: alma — https://bugzilla.redhat.com/2292331
Vendor advisory: alma — https://bugzilla.redhat.com/2284543
Vendor advisory: alma — https://bugzilla.redhat.com/2284513
Vendor advisory: alma — https://bugzilla.redhat.com/2284511
Vendor advisory: alma — https://bugzilla.redhat.com/2284496
Vendor advisory: alma — https://bugzilla.redhat.com/2284474
Vendor advisory: alma — https://bugzilla.redhat.com/2284417
Vendor advisory: alma — https://bugzilla.redhat.com/2284400
Vendor advisory: alma — https://bugzilla.redhat.com/2282719
Vendor advisory: alma — https://bugzilla.redhat.com/2281949
Vendor advisory: alma — https://bugzilla.redhat.com/2281900
Vendor advisory: alma — https://bugzilla.redhat.com/2281821
Vendor advisory: alma — https://bugzilla.redhat.com/2281667
Vendor advisory: alma — https://bugzilla.redhat.com/2281639
Vendor advisory: alma — https://bugzilla.redhat.com/2281272
Vendor advisory: alma — https://bugzilla.redhat.com/2281265
Vendor advisory: alma — https://bugzilla.redhat.com/2281257
Vendor advisory: alma — https://bugzilla.redhat.com/2281237
Vendor advisory: alma — https://bugzilla.redhat.com/2281190
Vendor advisory: alma — https://bugzilla.redhat.com/2281133
Vendor advisory: alma — https://bugzilla.redhat.com/2281097
Vendor advisory: alma — https://bugzilla.redhat.com/2281057
Vendor advisory: alma — https://bugzilla.redhat.com/2278989
Vendor advisory: alma — https://bugzilla.redhat.com/2278519
Vendor advisory: alma — https://bugzilla.redhat.com/2278429
Vendor advisory: alma — https://bugzilla.redhat.com/2278417
Vendor advisory: alma — https://bugzilla.redhat.com/2278380
Vendor advisory: alma — https://bugzilla.redhat.com/2275748
Vendor advisory: alma — https://bugzilla.redhat.com/2275715
Vendor advisory: alma — https://bugzilla.redhat.com/2275655
Vendor advisory: alma — https://bugzilla.redhat.com/2275600
Vendor advisory: alma — https://bugzilla.redhat.com/2273405
Vendor advisory: alma — https://bugzilla.redhat.com/2265838
Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2024-40928
Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2024:5363
Vendor advisory: suse — https://www.suse.com/security/cve/CVE-2024-40928.html
Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2024:5363
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| rhel | 9 | fixed | |
| sles | | affected | |
| rocky | 9 | fixed | |
| debian | bookworm | fixed | 0 |
| debian | bullseye | fixed | 0 |
| debian | forky | fixed | 6.9.7-1 |
| debian | sid | fixed | 6.9.7-1 |
| debian | trixie | fixed | 6.9.7-1 |
| almalinux | 9 | fixed | kernel-doc-5.14.0-427.31.1.el9_4.noarch.rpm |