Linux Kernel Phylink Lock Vulnerability

HIGH (7.0) Patch Available

Threat Intelligence

Medium Risk - Detectable
EPSS Score: 0.02% chance of exploitation (percentile: 4%)
🔍 Detection Tools: OSV.dev
⚔️ Exploit Availability: No public exploits found


What is it?

The Linux kernel's phylink module is responsible for managing network interfaces. The vulnerability affects the way the phylink resolve function handles concurrent modifications to the phydev structure, leading to a potential lock inversion issue.

Am I affected?

Specific version info not stated in the advisory.

Affected Products

Linux Kernel Team / Linux Kernel

How to fix

  1. Update to Linux kernel version 5.18 or later.
    • You can download the latest stable kernel from kernel.org.
  2. Apply the patch manually: apply Git commit 0ba5b2f2c381dbec9ed9e4ab3ae5d3e667de0dc3 or 56fe63b05ec84ae6674269d78397cec43a7a295a to your kernel source code.

References