GHSA-grrc-m4h5-r55jHighCVSS 8.8
In the Linux kernel, the following vulnerability has been resolved: net: phy: clean the sfp...
🔗 CVE IDs covered (1)
📋 Description
In the Linux kernel, the following vulnerability has been resolved:
net: phy: clean the sfp upstream if phy probing fails
Sashiko reported that we don't call sfp_bus_del_upstream() in the probe failure path, so let's add it, otherwise the sfp-bus is left with a dangling 'upstream' field, that may be used later on during SFP events.
This issue existed before the generic phylib sfp support, back when drivers were calling phy_sfp_probe themselves.