Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-50188— net: phy: dp83869: fix memory corruption when enabling fiber

EPSS 0.02% · P5
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-50188

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
net: phy: dp83869: fix memory corruption when enabling fiber
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: net: phy: dp83869: fix memory corruption when enabling fiber When configuring the fiber port, the DP83869 PHY driver incorrectly calls linkmode_set_bit() with a bit mask (1 << 10) rather than a bit number (10). This corrupts some other memory location -- in case of arm64 the priv pointer in the same structure. Since the advertising flags are updated from supported at the end of the function the incorrect line isn't needed at all and can be removed.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于在启用光纤时内存损坏。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
LinuxLinux a29de52ba2a156873505d8b8cef44e69925b8114 ~ 21b5af7f0c99b3bf1fd02016e6708b613acbcaf4 -
LinuxLinux 5.10 -

II. Public POCs for CVE-2024-50188

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2024-50188

登录查看更多情报信息。

Same Patch Batch · Linux · 2024-11-08 · 38 CVEs total

CVE-2024-50203bpf, arm64: Fix address emission with tag-based KASAN enabled
CVE-2024-50194arm64: probes: Fix uprobes for big-endian kernels
CVE-2024-50195posix-clock: Fix missing timespec64 check in pc_clock_settime()
CVE-2024-50196pinctrl: ocelot: fix system hang on level based interrupts
CVE-2024-50197pinctrl: intel: platform: fix error path in device_for_each_child_node()
CVE-2024-50198iio: light: veml6030: fix IIO device retrieval from embedded device
CVE-2024-50199mm/swapfile: skip HugeTLB pages for unuse_vma
CVE-2024-50200maple_tree: correct tree corruption on spanning store
CVE-2024-50201drm/radeon: Fix encoder->possible_clones
CVE-2024-50202nilfs2: propagate directory read errors from nilfs_find_entry()
CVE-2024-50193x86/entry_32: Clear CPU buffers after register restore in NMI return
CVE-2024-50204fs: don't try and remove empty rbtree node
CVE-2024-50205ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size()
CVE-2024-50206net: ethernet: mtk_eth_soc: fix memory corruption during fq dma init
CVE-2024-50207ring-buffer: Fix reader locking when changing the sub buffer order
CVE-2024-50209RDMA/bnxt_re: Add a check for memory allocation
CVE-2024-50208RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages
CVE-2024-50210posix-clock: posix-clock: Fix unbalanced locking in pc_clock_settime()
CVE-2024-50211udf: refactor inode_bmap() to handle error
CVE-2024-50183scsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance

Showing top 20 of 38 CVEs. View all on vendor page &rarr; →

IV. Related Vulnerabilities

Same product: Linux
Same vendor: Linux

V. Comments for CVE-2024-50188

No comments yet

Leave a comment