vulnerability

Debian: CVE-2024-50188: linux, linux-6.1 -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:L/Au:S/C:N/I:N/A:C)	Nov 8, 2024	Nov 11, 2024	Mar 3, 2025

Severity

CVSS

(AV:L/AC:L/Au:S/C:N/I:N/A:C)

Published

Nov 8, 2024

Added

Nov 11, 2024

Modified

Mar 3, 2025

Description

In the Linux kernel, the following vulnerability has been resolved:

net: phy: dp83869: fix memory corruption when enabling fiber

When configuring the fiber port, the DP83869 PHY driver incorrectly
calls linkmode_set_bit() with a bit mask (1 << 10) rather than a bit
number (10). This corrupts some other memory location -- in case of
arm64 the priv pointer in the same structure.

Since the advertising flags are updated from supported at the end of the
function the incorrect line isn't needed at all and can be removed.

Solutions

debian-upgrade-linuxdebian-upgrade-linux-6-1

References

CVE-2024-50188
https://attackerkb.com/topics/CVE-2024-50188
DEBIAN-DLA-4008-1

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today