PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-53231 Linux CVE debrief

A vulnerability was found in the Linux kernel, specifically in the PHY-driven SFP cages setup when using genphy. The issue arises because the genphy code does not support PHY-driver SFP cages. Furthermore, running sfp_bus_add_upstream() for genphy leads to a deadlock due to PHY probing running under RTNL for genphy but not for non-genphy drivers. This problem was reproduced and confirmed to cause a deadlock on RTNL. Prior to the commit that introduced this issue, phy_sfp_probe() was called by individual PHY drivers, avoiding the SFP probing path when using genphy. To address this, phy_sfp_probe should only be executed when not using genphy.

Vendor
Linux
Product
Unknown
CVSS
Unknown
CISA KEV
Not listed in stored evidence
Original CVE published
2026-06-25
Original CVE updated
2026-06-30
Advisory published
2026-06-25
Advisory updated
2026-06-30

Who should care

Linux kernel maintainers, developers, and users who rely on PHY-driven SFP cages should be aware of this vulnerability. Those using genphy and PHY-driver SFP cages are particularly affected, as the current implementation can lead to deadlocks. System administrators and security teams monitoring Linux kernel updates should also take note.

Technical summary

The Linux kernel vulnerability (CVE-2026-53231) is related to the setup of PHY-driven SFP cages when using genphy. The genphy code lacks support for PHY-driver SFP cages. When sfp_bus_add_upstream() is run for genphy, it causes a deadlock because PHY probing for genphy operates under RTNL, unlike non-genphy drivers. This issue was confirmed through reproduction and leads to a deadlock on RTNL. The problem was introduced when phy_sfp_probe() started being called in a way that could lead to SFP probing when using genphy. To fix this, the call to phy_sfp_probe should be conditional, only executing when not using genphy.

Defensive priority

Apply the patch to prevent deadlocks when using genphy with PHY-driven SFP cages. Review and update Linux kernel configurations to ensure genphy and PHY-driver SFP cages are properly managed.

Recommended defensive actions

  • Apply the official patch to conditionally call phy_sfp_probe only when not using genphy.
  • Review Linux kernel configurations for genphy and PHY-driver SFP cages.
  • Monitor system logs for signs of deadlocks related to PHY probing and SFP cages.
  • Update documentation to reflect the conditional calling of phy_sfp_probe.
  • Perform regular security audits to identify similar vulnerabilities.

Evidence notes

The vulnerability was introduced due to the lack of support for PHY-driver SFP cages in the genphy code and the potential for deadlocks when running sfp_bus_add_upstream() for genphy. The issue was confirmed through reproduction. The fix involves conditionally calling phy_sfp_probe based on the driver type.

Official resources

This article was generated with AI assistance based on the supplied source corpus.