
Cloud Vulnerability DB
A community-led vulnerabilities database
CVE-2024-26802 affects the Linux kernel's stmmac ethernet driver. The vulnerability was discovered when a workqueue variable was not properly cleared after being destroyed, potentially leading to a kernel/module panic. The issue was disclosed on April 4, 2024, and affects Linux kernel versions from 5.13 up to (but not including) 5.15.151 (NVD).
The vulnerability occurs in the stmmac ethernet driver's workqueue handling. When suspending the driver and stopping the workqueue, the code checks if the workqueue is not NULL and destroys it. However, while the destroy_workqueue() function drains the queue and clears the variable, it does not set the workqueue variable to NULL. This becomes problematic during driver resume operations, particularly when stmmac_hw_setup() fails due to DMA engine initialization issues. The CVSS v3.1 base score is 5.5 (Medium) with vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).
The vulnerability can result in a kernel/module panic if code attempts to clear a workqueue that was not properly initialized. This occurs specifically when the DMA engine fails to initialize during resume operations, leading to interface malfunction and TX queue timeout, ultimately triggering a 'Reset adapter' error and subsequent kernel panic (Kernel Patch).
The fix involves modifying the stmmac_fpe_stop_wq function to explicitly set the workqueue variable to NULL after destroying it. This patch has been implemented in the Linux kernel and is available through various distribution updates. The fix is tracked by multiple kernel patches that have been merged into different kernel versions (Kernel Patch).
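The stale-pointer pattern described above, as an added userspace model that is not the kernel's own code. All model_* names, the struct layout and the exact call ordering are assumptions made for illustration; the model counts a second destroy on the same queue instead of crashing.

```c
#include <stdbool.h>
#include <stdio.h>

/* Userspace model, not kernel code: a "workqueue" is a static slot with a
 * liveness flag, so a repeated destroy is counted instead of crashing. */
struct model_wq { bool alive; };
struct model_priv { struct model_wq *wq; };  /* hypothetical driver state */
static struct model_wq wq_slot;
static int stale_destroys;  /* destroys issued on an already-destroyed queue */
static struct model_wq *model_create_wq(void) { wq_slot.alive = true; return &wq_slot; }

static void model_destroy_wq(struct model_wq *wq)
{
    if (!wq->alive) { stale_destroys++; return; }  /* the page's panic case */
    wq->alive = false;
}

/* Before the fix: the pointer still refers to the destroyed queue. */
static void stop_wq_unpatched(struct model_priv *p)
{
    if (p->wq)
        model_destroy_wq(p->wq);
}

/* After the fix: the pointer is reset, so the NULL check guards later calls. */
static void stop_wq_patched(struct model_priv *p)
{
    if (p->wq) {
        model_destroy_wq(p->wq);
        p->wq = NULL;
    }
}

/* Suspend, a resume that may fail before the queue is recreated, then a later stop. */
static int run_sequence(void (*stop)(struct model_priv *), bool hw_setup_ok)
{
    struct model_priv p = { .wq = model_create_wq() };
    stale_destroys = 0;
    stop(&p);                      /* suspend */
    if (hw_setup_ok)
        p.wq = model_create_wq();  /* resume succeeded: queue recreated */
    stop(&p);                      /* stop from the reset/error path */
    return stale_destroys;
}

int main(void)
{
    printf("unpatched=%d patched=%d\n", run_sequence(stop_wq_unpatched, false), run_sequence(stop_wq_patched, false));
    return 0;
}
```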
Source: This report was generated using AI