CVE-2026-45874

medium

Description

In the Linux kernel, the following vulnerability has been resolved: phy: freescale: imx8qm-hsio: fix NULL pointer dereference During the probe the refclk_pad pointer is set to NULL if the 'fsl,refclk-pad-mode' property is not defined in the devicetree node. But in imx_hsio_configure_clk_pad() this pointer is unconditionally used which could result in a NULL pointer dereference. So check the pointer before to use it.

References

https://git.kernel.org/stable/c/dd8b9ba3d9701832cfb5dcefd8b43250df28dbc2

https://git.kernel.org/stable/c/a771b386cb6c6e582e7b50f8eeff3347ff887f71

https://git.kernel.org/stable/c/8d29e81e9cdec84d4b9acb1736550d35e86c88af

https://git.kernel.org/stable/c/4dd5d4c0361af0a3fd24f45c815996abf4429770

Details

Source: Mitre, NVD

Published: 2026-05-27

Updated: 2026-05-27

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00018