GHSA-q56q-rvw2-p4r2unknown

In the Linux kernel, the following vulnerability has been resolved: fwctl: Fix class init...

Published
June 24, 2026
Last Modified
June 24, 2026

🔗 CVE IDs covered (1)

📋 Description

In the Linux kernel, the following vulnerability has been resolved:

fwctl: Fix class init ordering to avoid NULL pointer dereference on device removal

CXL is linked before fwctl in drivers/Makefile. Both use module_init, so cxl_pci_driver_init()runs first. Whencxl_pci_probe()callsfwctl_register()and thendevice_add(), fwctl_class is not yet registered because fwctl_init() hasn't run, causing class_to_subsys()` to return NULL and skip knode_class initialization.

On device removal, class_to_subsys() returns non-NULL, and device_del() calls klist_del() on the uninitialized knode, triggering a NULL pointer dereference.

🔗 References (5)