U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2024-38593

Change History

New CVE Received by NIST 6/19/2024 10:15:19 AM

Action Type Old Value New Value
Added Description

								
							
							
						
In the Linux kernel, the following vulnerability has been resolved:

net: micrel: Fix receiving the timestamp in the frame for lan8841

The blamed commit started to use the ptp workqueue to get the second
part of the timestamp. And when the port was set down, then this
workqueue is stopped. But if the config option NETWORK_PHY_TIMESTAMPING
is not enabled, then the ptp_clock is not initialized so then it would
crash when it would try to access the delayed work.
So then basically by setting up and then down the port, it would crash.
The fix consists in checking if the ptp_clock is initialized and only
then cancel the delayed work.
Added Reference

								
							
							
						
kernel.org https://git.kernel.org/stable/c/3ddf170e4a604f5d4d9459a36993f5e92b53e8b0 [No types assigned]
Added Reference

								
							
							
						
kernel.org https://git.kernel.org/stable/c/3fd4282d5f25c3c97fef3ef0b89b82ef4e2bc975 [No types assigned]
Added Reference

								
							
							
						
kernel.org https://git.kernel.org/stable/c/64a47cf634ae44e92be24ebc982410841093bd7b [No types assigned]
Added Reference

								
							
							
						
kernel.org https://git.kernel.org/stable/c/aea27a92a41dae14843f92c79e9e42d8f570105c [No types assigned]