CVE-2024-50188

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-50188
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-50188.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-50188
Downstream
Related
Published
2024-11-08T06:15:15Z
Modified
2025-08-09T20:01:25Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

net: phy: dp83869: fix memory corruption when enabling fiber

When configuring the fiber port, the DP83869 PHY driver incorrectly calls linkmodesetbit() with a bit mask (1 << 10) rather than a bit number (10). This corrupts some other memory location -- in case of arm64 the priv pointer in the same structure.

Since the advertising flags are updated from supported at the end of the function the incorrect line isn't needed at all and can be removed.

References

Affected packages