Linux · Linux Kernel · CVE-2024-26802
**Name of the Vulnerable Software and Affected Versions**
Linux kernel (affected versions not specified)
**Description**
The vulnerability is related to the stmmac component of the Linux kernel, which can cause a kernel/module panic when attempting to clear a workqueue that was not initialized. This scenario can occur when resuming a suspended driver, specifically in the stmmac resume() function, due to the lack of handling for failed stmmac hw setup(), which can fail if the DMA engine has not been initialized. The issue arises because the workqueue is initialized after the DMA engine and can be skipped, leading to a crash when the workqueue is destroyed during the reset process. To secure against this possible crash, the workqueue variable should be set to NULL when destroying the workqueue.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.