Debian GNU/Linux is a Linux distribution composed of free and open-source software.

Linux Debian

Ubuntu is a Linux distribution based on Debian, mostly composed of free and open-source software. Ubuntu is officially released in three editions: Desktop, Server, and Core for internet of things devices and robots. All the editions can run on the computer alone or in a virtual machine.

Linux Ubuntu

In the Linux kernel, the following vulnerability has been resolved:

phy: lynx-28g: serialize concurrent phy_set_mode_ext() calls to shared registers

The protocol converter configuration registers PCC8, PCCC, PCCD
(implemented by the driver), as well as others, control protocol
converters from multiple lanes (each represented as a different
struct phy). So, if there are simultaneous calls to phy_set_mode_ext()
to lanes sharing the same PCC register (either for the "old" or for the
"new" protocol), corruption of the values programmed to hardware is
possible, because lynx_28g_rmw() has no locking.

Add a spinlock in the struct lynx_28g_priv shared by all lanes, and take
the global spinlock from the phy_ops :: set_mode() implementation. There
are no other callers which modify PCC registers.

CVE-2023-52505:
Linux Debian vulnerability analysis and mitigation

Overview

Technical details

Impact

Mitigation and workarounds

Additional resources

4.7

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud threat landscape

PEACH

Ready to see Wiz in action?

CVE-2023-52505: Linux Debian vulnerability analysis and mitigation