{"id":"CVE-2024-42224","summary":"net: dsa: mv88e6xxx: Correct check for empty list","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: mv88e6xxx: Correct check for empty list\n\nSince commit a3c53be55c95 (\"net: dsa: mv88e6xxx: Support multiple MDIO\nbusses\") mv88e6xxx_default_mdio_bus() has checked that the\nreturn value of list_first_entry() is non-NULL.\n\nThis appears to be intended to guard against the list chip-\u003emdios being\nempty.  However, it is not the correct check as the implementation of\nlist_first_entry is not designed to return NULL for empty lists.\n\nInstead, use list_first_entry_or_null() which does return NULL if the\nlist is empty.\n\nFlagged by Smatch.\nCompile tested only.","modified":"2026-04-02T12:17:52.365400Z","published":"2024-07-30T07:47:05.608Z","related":["MGASA-2024-0277","MGASA-2024-0278","SUSE-SU-2024:2892-1","SUSE-SU-2024:2894-1","SUSE-SU-2024:2901-1","SUSE-SU-2024:2939-1","SUSE-SU-2024:2940-1","SUSE-SU-2024:2947-1","SUSE-SU-2024:3194-1","SUSE-SU-2024:3195-1","SUSE-SU-2024:3383-1","SUSE-SU-2025:20044-1","SUSE-SU-2025:20047-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/42xxx/CVE-2024-42224.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/2a2fe25a103cef73cde356e6d09da10f607e93f5"},{"type":"WEB","url":"https://git.kernel.org/stable/c/3bf8d70e1455f87856640c3433b3660a31001618"},{"type":"WEB","url":"https://git.kernel.org/stable/c/3f25b5f1635449036692a44b771f39f772190c1d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/47d28dde172696031c880c5778633cdca30394ee"},{"type":"WEB","url":"https://git.kernel.org/stable/c/4c7f3950a9fd53a62b156c0fe7c3a2c43b0ba19b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/8c2c3cca816d074c75a2801d1ca0dea7b0148114"},{"type":"WEB","url":"https://git.kernel.org/stable/c/aa03f591ef31ba603a4a99d05d25a0f21ab1cd89"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f75625db838ade28f032dacd0f0c8baca42ecde4"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/42xxx/CVE-2024-42224.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-42224"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"a3c53be55c955b7150cda17874c3fcb4eeb97a89"},{"fixed":"47d28dde172696031c880c5778633cdca30394ee"},{"fixed":"3bf8d70e1455f87856640c3433b3660a31001618"},{"fixed":"2a2fe25a103cef73cde356e6d09da10f607e93f5"},{"fixed":"8c2c3cca816d074c75a2801d1ca0dea7b0148114"},{"fixed":"aa03f591ef31ba603a4a99d05d25a0f21ab1cd89"},{"fixed":"3f25b5f1635449036692a44b771f39f772190c1d"},{"fixed":"f75625db838ade28f032dacd0f0c8baca42ecde4"},{"fixed":"4c7f3950a9fd53a62b156c0fe7c3a2c43b0ba19b"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-42224.json"}}],"schema_version":"1.7.5"}