CVE-2026-23368Deadlock in Linux

CWE-833Deadlock8 documents7 sources
Severity
5.5MEDIUM
No vector
EPSS
0.0%
top 90.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
LinuxLinux KernelDebian Linux+1 more
Timeline
PublishedMar 25

Description

In the Linux kernel, the following vulnerability has been resolved: net: phy: register phy led_triggers during probe to avoid AB-BA deadlock There is an AB-BA deadlock when both LEDS_TRIGGER_NETDEV and LED_TRIGGER_PHY are enabled: [ 1362.049207] [] led_trigger_register+0x5c/0x1fc ] phy_led_triggers_register+0xd0/0x234 [ 1362.060329] [] phy_attach_direct+0x33c/0x40c [ 1362.065489] [] phylink_fwnode_phy_connect+0x15c/0x23c [ 1362.071480] [] mtk_open+0x7c/0xba0 [ 1362.075849] [] __dev_open+0x280

Affected Packages5 packages

Linuxlinux/linux_kernel4.16.06.1.167+4
Debianlinux/linux_kernel< 6.19.8-1
CVEListV5linux/linux06f502f57d0d7728f9fa0f157ec5e4111ddb98f6c6ffc2d2338d325e1edd0c702e3ee623aa5fdc6a+6
debiandebian/linux< linux 6.19.8-1 (forky)

🔴Vulnerability Details

3
OSV
net: phy: register phy led_triggers during probe to avoid AB-BA deadlock2026-03-25
OSV
CVE-2026-23368: In the Linux kernel, the following vulnerability has been resolved: net: phy: register phy led_triggers during probe to avoid AB-BA deadlock There is2026-03-25
GHSA
GHSA-qvjj-9xg3-chp9: In the Linux kernel, the following vulnerability has been resolved: net: phy: register phy led_triggers during probe to avoid AB-BA deadlock There i2026-03-25

📋Vendor Advisories

3
Red Hat
kernel: net: phy: register phy led_triggers during probe to avoid AB-BA deadlock2026-03-25
Microsoft
net: phy: register phy led_triggers during probe to avoid AB-BA deadlock2026-03-10
Debian
CVE-2026-23368: linux - In the Linux kernel, the following vulnerability has been resolved: net: phy: r...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-23368 Impact, Exploitability, and Mitigation Steps | Wiz