CVE-2024-50188

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-50188

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-50188.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-50188

Downstream

BELL-CVE-2024-50188

DEBIAN-CVE-2024-50188

DLA-4008-1

DLA-4075-1

OESA-2024-2522

OESA-2025-1033

OESA-2025-1035

OESA-2025-1037

SUSE-SU-2024:4314-1

SUSE-SU-2024:4315-1

SUSE-SU-2024:4316-1

SUSE-SU-2024:4318-1

SUSE-SU-2024:4364-1

SUSE-SU-2024:4376-1

SUSE-SU-2024:4387-1

openSUSE-SU-2024:14500-1

openSUSE-SU-2025:14705-1

Related

Published

2024-11-08T06:15:15Z

Modified

2025-08-09T20:01:25Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

net: phy: dp83869: fix memory corruption when enabling fiber

When configuring the fiber port, the DP83869 PHY driver incorrectly calls linkmodesetbit() with a bit mask (1 << 10) rather than a bit number (10). This corrupts some other memory location -- in case of arm64 the priv pointer in the same structure.

Since the advertising flags are updated from supported at the end of the function the incorrect line isn't needed at all and can be removed.

References

Affected packages