PT-2024-6076 · Linux+4 · Linux Kernel+4

Horatiu Vultur · Published 2024-02-09 · Updated 2024-10-22 · CVE-2024-26723

CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: The issue is a crash in the Linux kernel that occurs when a lan966x interface is added under a LAG interface. It can be reproduced by running commands such as "ip link add name bond0 type bond miimon 100 mode balance-xor" and "ip link set dev eth0 master bond0". The crash happens because the lan966x can have ports that are NULL pointers, as they are not probed, so iterating over these ports dereferences a NULL pointer. The fix checks for NULL pointers before accessing anything from the ports.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
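
The failure mode and fix from the description, as an added example (a simplified user-space model, not the kernel's lan966x code): a port table in which unprobed slots stay NULL, and an iteration that checks each slot before reading from it. All struct and function names, the port count and the sample data are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define NUM_PHYS_PORTS 8                  /* assumed table size */

struct bond { int id; };                  /* hypothetical stand-in for a LAG device */
struct sw_port { uint8_t chip_port; const struct bond *bond; };
struct sw { struct sw_port *ports[NUM_PHYS_PORTS]; };  /* unprobed slots are NULL */

/* Returns a bitmask of the ports enslaved to `bond`. `skipped` receives the
 * number of NULL slots, i.e. how many times an unguarded loop would have
 * dereferenced a NULL pointer while walking the same table. */
uint32_t lag_member_mask(const struct sw *sw, const struct bond *bond,
                         unsigned *skipped)
{
    uint32_t mask = 0;
    unsigned null_slots = 0;

    for (size_t p = 0; p < NUM_PHYS_PORTS; p++) {
        const struct sw_port *port = sw->ports[p];

        if (!port) {                      /* the guard: slot was never probed */
            null_slots++;
            continue;
        }
        if (port->bond == bond && port->chip_port < NUM_PHYS_PORTS)
            mask |= 1u << port->chip_port;
    }
    if (skipped)
        *skipped = null_slots;
    return mask;
}

/* Constructed sample: only ports 0, 1 and 3 are probed; 0 and 3 are in bond0. */
uint32_t demo(unsigned *skipped)
{
    static const struct bond bond0 = { 0 };
    static struct sw_port eth0 = { 0, &bond0 }, eth1 = { 1, NULL }, eth3 = { 3, &bond0 };
    struct sw sw = { .ports = { [0] = &eth0, [1] = &eth1, [3] = &eth3 } };

    return lag_member_mask(&sw, &bond0, skipped);
}

int main(void)
{
    unsigned skipped = 0;
    uint32_t mask = demo(&skipped);
    printf("member mask 0x%x, NULL slots skipped: %u\n", (unsigned)mask, skipped);
    return 0;
}
```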

Exploit

Resource Exhaustion

Weakness Enumeration

Related Identifiers

BDU:2024-06901
CVE-2024-26723
DSA-5658-1
USN-6895-1
USN-6895-2
USN-6895-3
USN-6895-4
USN-6900-1

Affected Products

Astra Linux
Linux Mint
Linux Kernel
RED OS
Ubuntu