CVE-2024-35992

Published: May 20, 2024

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: phy: marvell: a3700-comphy: Fix out of bounds read There is an out of bounds read access of 'gbe_phy_init_fix[fix_idx].addr' every iteration after 'fix_idx' reaches 'ARRAY_SIZE(gbe_phy_init_fix)'. Make sure 'gbe_phy_init[addr]' is used when all elements of 'gbe_phy_init_fix' array are handled. Found by Linux Verification Center (linuxtesting.org) with SVACE.

Vendor	Product	Versions
Linux	Linux	affected `934337080c6c59b75db76b180b509f218640ad48 - < 976df695f579bbb2914114b4e9974fe4ed1eb813` affected `934337080c6c59b75db76b180b509f218640ad48 - < 610f175d2e16fb2436ba7974b990563002c20d07` affected `934337080c6c59b75db76b180b509f218640ad48 - < 40406dfbc060503d2e0a9e637e98493c54997b3d` affected `934337080c6c59b75db76b180b509f218640ad48 - < e4308bc22b9d46cf33165c9dfaeebcf29cd56f04`
Linux	Linux	affected `5.18` unaffected `0 - < 5.18` unaffected `6.1.90 - <= 6.1.` unaffected `6.6.30 - <= 6.6.` unaffected `6.8.9 - <= 6.8.*` +1 more versions

References

https://git.kernel.org/stable/c/976df695f579bbb2914114b4e9974fe4ed1eb813

https://git.kernel.org/stable/c/610f175d2e16fb2436ba7974b990563002c20d07

https://git.kernel.org/stable/c/40406dfbc060503d2e0a9e637e98493c54997b3d

https://git.kernel.org/stable/c/e4308bc22b9d46cf33165c9dfaeebcf29cd56f04

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-35992

Description

Affected Products

References