CVE-2023-52505

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to the phy component of the Linux kernel, specifically with the lynx-28g driver. The problem arises from concurrent calls to phy set mode ext() on lanes sharing the same PCC register, which can lead to corruption of the values programmed to hardware due to the lack of locking in lynx 28g rmw(). This can result in a denial of service. The protocol converter configuration registers PCC8, PCCC, PCCD, and others, control protocol converters from multiple lanes, each represented as a different struct phy. To address this, a spinlock is added to the struct lynx 28g priv shared by all lanes, and the global spinlock is taken from the phy ops :: set mode() implementation.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.