Linux Kernel Intel Ethernet Driver Clock Management Vulnerability

Vulnerability

A vulnerability in the Linux kernel's handling of the Intel Ethernet PCI driver has been addressed. The issue arose in the clock management during the removal process of the driver. Initially, a commit removed a necessary 'clk_disable_unprepare()' call, leading to improper clock handling. This omission was partially corrected in a subsequent commit, but the latest updates to the driver removal process created a new inconsistency. The 'clk_disable_unprepare()' call is now needed again in the 'intel_eth_pci_remove()' function to prevent potential issues.

Impact

The vulnerability could lead to improper clock management, causing potential instability or unexpected behavior in the system when the Intel Ethernet driver is unloaded.

Added: Jun 18, 2025, 7:21 PM

Updated: Jun 18, 2025, 7:21 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Intel Ethernet Driver Clock Management Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating