Linux · Linux Kernel · CVE-2024-42100
**Name of the Vulnerable Software and Affected Versions**
Linux kernel (affected versions not specified)
**Description**
The issue is related to the Linux kernel's clk component, specifically the sunxi-ng common clock controller. The problem arises from the function `sunxi ccu probe()` calling `hw to ccu common()` with an incorrect assumption about the contents of `desc->ccu clks`. This leads to invalid pointer de-references. The vulnerability can cause a denial of service.
**Recommendations**
To resolve the issue, remove the faulty call to `hw to ccu common()` and add a loop to iterate over `ccu clks` to set the rate range if required.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.