Description
In the Linux kernel, the following vulnerability has been resolved:
ice: fix NULL access of tx->in_use in ice_ptp_ts_irq
The E810 device has support for a "low latency" firmware interface to access and read the Tx timestamps. This interface does not use the standard Tx timestamp logic, due to the latency overhead of proxying sideband command requests over the AdminQ.
The logic still makes use of the Tx timestamp tracking structure, ice_ptp_tx, as it uses the same "ready" bitmap to track which Tx timestamps have completed.
Unfortunately, the ice_ptp_ts_irq() function does not check if the tracker is initialized before its first access. This results in NULL dereference or use-after-free bugs similar to the following:
[245977.278756] BUG: kernel NULL pointer dereference, address: 0000000000000000
[245977.278774] RIP: 0010:_find_first_bit+0x19/0x40
[245977.278796] Call Trace:
[245977.278809] ? ice_misc_intr+0x364/0x380 [ice]
This can occur if a Tx timestamp interrupt races with the driver reset logic.
Fix this by only checking the in_use bitmap (and other fields) if the tracker is marked as initialized. The reset flow will clear the init field under lock before it tears the tracker down, thus preventing any use-after-free or NULL access.
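As an added illustration of the race described above (example code written for this page, not the ice driver's own): a user-space C model of a timestamp tracker with an in_use bitmap, an interrupt-handler shape that reads the bitmap unconditionally, and the fixed shape that checks an init flag under the same lock the reset path holds while it tears the tracker down. Struct and function names (ptp_tx, ts_irq_checked, tx_reset, and so on) are assumptions; the lock is a plain flag standing in for the driver's lock, so what the model shows is the ordering (clear init under lock, then free; check init before touching in_use), not real concurrency.

```c
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>

#define TX_SLOTS 64 /* one unsigned long of bitmap is enough for this model */

/*
 * Minimal stand-in for the driver's Tx timestamp tracker. Field and function
 * names are assumptions for this example; the real ice_ptp_tx is not reproduced.
 */
struct ptp_tx {
	bool lock_held;          /* stand-in for the tracker lock (no real concurrency) */
	bool init;               /* tracker is usable; cleared by reset before teardown */
	unsigned long *in_use;   /* bitmap: slot has an outstanding timestamp request */
	unsigned long *ready;    /* bitmap: firmware reported a timestamp for slot */
};

static void tx_lock(struct ptp_tx *tx)   { tx->lock_held = true; }
static void tx_unlock(struct ptp_tx *tx) { tx->lock_held = false; }

static int tx_init(struct ptp_tx *tx)
{
	tx->in_use = calloc(1, sizeof(unsigned long));
	tx->ready = calloc(1, sizeof(unsigned long));
	if (!tx->in_use || !tx->ready) {
		free(tx->in_use);
		free(tx->ready);
		tx->in_use = tx->ready = NULL;
		return -1;
	}
	tx->lock_held = false;
	tx->init = true;
	return 0;
}

/* Reset path: clear init under the lock first, then tear the bitmaps down. */
static void tx_reset(struct ptp_tx *tx)
{
	tx_lock(tx);
	tx->init = false;
	free(tx->in_use);
	free(tx->ready);
	tx->in_use = tx->ready = NULL;
	tx_unlock(tx);
}

/* Driver side: a packet asked for a timestamp in this slot. */
static void tx_request(struct ptp_tx *tx, int slot)  { *tx->in_use |= 1UL << slot; }
/* Firmware side: the timestamp for this slot is now readable. */
static void tx_fw_ready(struct ptp_tx *tx, int slot) { *tx->ready |= 1UL << slot; }

/* Complete every slot that is both requested and ready; returns the count. */
static int complete_ready(struct ptp_tx *tx)
{
	unsigned long pending = *tx->in_use & *tx->ready; /* faults if in_use is NULL */
	int done = 0;

	for (int slot = 0; slot < TX_SLOTS; slot++) {
		if (!(pending & (1UL << slot)))
			continue;
		*tx->in_use &= ~(1UL << slot);
		*tx->ready &= ~(1UL << slot);
		done++;
	}
	return done;
}

/*
 * Vulnerable shape: reads the bitmap without asking whether the tracker still
 * exists. After tx_reset() in_use is NULL and the first read faults; with a
 * stale pointer instead of NULL it would be a use-after-free.
 */
static int ts_irq_unchecked(struct ptp_tx *tx)
{
	return complete_ready(tx);
}

/*
 * Fixed shape: take the lock the reset path uses and look at init before
 * touching in_use. Returns -1 when the tracker has been torn down.
 */
static int ts_irq_checked(struct ptp_tx *tx)
{
	int done = -1;

	tx_lock(tx);
	if (tx->init)
		done = complete_ready(tx);
	tx_unlock(tx);
	return done;
}

int main(void)
{
	struct ptp_tx tx;

	if (tx_init(&tx))
		return 1;
	tx_request(&tx, 3);
	tx_fw_ready(&tx, 3);
	printf("live tracker: completed %d\n", ts_irq_checked(&tx));
	tx_reset(&tx);
	printf("after reset: handler returned %d (no crash)\n", ts_irq_checked(&tx));
	return 0;
}
```

Calling ts_irq_unchecked() after tx_reset() reproduces the fault in the advisory's trace in miniature: the handler's first read of *tx->in_use is a NULL dereference. The checked variant refuses to read the bitmap once init is clear, which is exactly the ordering guarantee the fix relies on.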
https://git.kernel.org/stable/c/1467a873b20110263cc9c93de99335d139c11e16
https://git.kernel.org/stable/c/403bf043d9340196e06769065169df7444b91f7a