VYPR
Unrated severityNVD Advisory· Published Feb 28, 2024· Updated May 4, 2025

can: mcp251x: fix resume from sleep before interface was brought up

CVE-2021-46994

Description

In the Linux kernel, the following vulnerability has been resolved:

can: mcp251x: fix resume from sleep before interface was brought up

Since 8ce8c0abcba3 the driver queues work via priv->restart_work when resuming after suspend, even when the interface was not previously enabled. This causes a null dereference error as the workqueue is only allocated and initialized in mcp251x_open().

To fix this we move the workqueue init to mcp251x_can_probe() as there is no reason to do it later and repeat it whenever mcp251x_open() is called.

[mkl: fix error handling in mcp251x_stop()]

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.