CVE-2026-53232 is a vulnerability in Linux Kernel
Published on June 25, 2026
net: phy: clean the sfp upstream if phy probing fails
In the Linux kernel, the following vulnerability has been resolved:
net: phy: clean the sfp upstream if phy probing fails
Sashiko reported that we don't call sfp_bus_del_upstream() in the probe
failure path, so let's add it, otherwise the sfp-bus is left with a
dangling 'upstream' field, that may be used later on during SFP events.
This issue existed before the generic phylib sfp support, back when
drivers were calling phy_sfp_probe themselves.
Products Associated with CVE-2026-53232
Want to know whenever a new CVE is published for Linux Kernel? stack.watch will email you.
Affected Versions
Linux:- Version 298e54fa810e027f1b0800d789eb862592721f08 and below 48774e87bbaa0056819d4b52301e4692e50e3252 is affected.
- Version 5.5 is affected.
- Before 5.5 is unaffected.
- Version 7.1, <= * is unaffected.