-

CVE-2026-53042

fwctl: Fix class init ordering to avoid NULL pointer dereference on device removal

In the Linux kernel, the following vulnerability has been resolved:

fwctl: Fix class init ordering to avoid NULL pointer dereference on device removal

CXL is linked before fwctl in drivers/Makefile. Both use `module_init, so
`cxl_pci_driver_init()` runs first. When `cxl_pci_probe()` calls
`fwctl_register()` and then `device_add()`, fwctl_class is not yet
registered because fwctl_init() hasn't run, causing `class_to_subsys()` to
return NULL and skip knode_class initialization.

On device removal, `class_to_subsys()` returns non-NULL, and
`device_del()` calls `klist_del()` on the uninitialized knode, triggering
a NULL pointer dereference.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
Produkt Linux
Default Statusunaffected
Version 858ce2f56b5253063f61f6b1c58a6dbf5d71da0b
Version < a28f56988c8e5bb9375806a5cfb0bf54d662ae3f
Status affected
Version 858ce2f56b5253063f61f6b1c58a6dbf5d71da0b
Version < 1075f2f590fdac147f8b8010c35b606564b5c7d7
Status affected
Version 858ce2f56b5253063f61f6b1c58a6dbf5d71da0b
Version < a55f80233f384dc89ef3425b2e1dd0e6d44bcf29
Status affected
HerstellerLinux
Produkt Linux
Default Statusaffected
Version 6.15
Status affected
Version 0
Version < 6.15
Status unaffected
Version <= 6.18.*
Version 6.18.33
Status unaffected
Version <= 7.0.*
Version 7.0.10
Status unaffected
Version <= *
Version 7.1
Status unaffected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.17% 0.061
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/a28f56988c8e5bb9375806a5cfb0bf54d662ae3f
https://git.kernel.org/stable/c/1075f2f590fdac147f8b8010c35b606564b5c7d7
https://git.kernel.org/stable/c/a55f80233f384dc89ef3425b2e1dd0e6d44bcf29