PT-2024-33929 · Linux+2 · Linux Kernel+2

Guenter Roeck

Published

2024-11-05

Updated

2025-10-03

CVE-2024-50097

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: The issue arises from the unconditional call to fec ptp save state(), which can cause the kernel to panic on platforms that do not support PTP, such as i.MX25 and i.MX27. This happens because fec ptp init() is not called on these platforms, resulting in uninitialized related members in fep. To resolve this, a condition has been added to prevent fec ptp save state() from being called if PTP is not supported.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Incorrect Type Conversion or Cast

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-704

Related Identifiers

ALSA-2025_12746

ALSA-2025_12752

ALSA-2025_12753

ALSA-2025_16880

ALT-PU-2024-17211

ALT-PU-2025-12647

BDU:2025-03367

CVE-2024-50097

OPENSUSE-SU-2024:14500-1

OPENSUSE-SU-2025:14705-1

Affected Products

Alt Linux

Linux Kernel

Red Os

PT-2024-33929 · Linux+2 · Linux Kernel+2

CVE-2024-50097

Weakness Enumeration

Related Identifiers

Affected Products

References · 529