5.5
CVE-2025-38725
- EPSS 0.14%
- Veröffentlicht 04.09.2025 15:33:23
- Zuletzt bearbeitet 12.05.2026 13:17:02
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
net: usb: asix_devices: add phy_mask for ax88772 mdio bus
In the Linux kernel, the following vulnerability has been resolved: net: usb: asix_devices: add phy_mask for ax88772 mdio bus Without setting phy_mask for ax88772 mdio bus, current driver may create at most 32 mdio phy devices with phy address range from 0x00 ~ 0x1f. DLink DUB-E100 H/W Ver B1 is such a device. However, only one main phy device will bind to net phy driver. This is creating issue during system suspend/resume since phy_polling_mode() in phy_state_machine() will directly deference member of phydev->drv for non-main phy devices. Then NULL pointer dereference issue will occur. Due to only external phy or internal phy is necessary, add phy_mask for ax88772 mdio bus to workarnoud the issue.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 5.14 < 5.15.190
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.149
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.103
Linux ≫ Linux Kernel Version >= 6.7 < 6.12.43
Linux ≫ Linux Kernel Version >= 6.13 < 6.15.11
Linux ≫ Linux Kernel Version >= 6.16 < 6.16.2
Linux ≫ Linux Kernel Version6.17 Updaterc1
Debian ≫ Debian Linux Version11.0
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.14% | 0.036 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.
https://git.kernel.org/stable/c/75947d3200de98a9ded9ad8972e02f1a177097fe
https://git.kernel.org/stable/c/59ed6fbdb1bc03316e09493ffde7066f031c7524
https://git.kernel.org/stable/c/ccef5ee4adf56472aa26bdd1f821a6d0cd06089a
https://git.kernel.org/stable/c/ee2cd40b0bb46056949a2319084a729d95389386
https://git.kernel.org/stable/c/a754ab53993b1585132e871c5d811167ad3c52ff
https://git.kernel.org/stable/c/ad1f8313aeec0115f9978bd2d002ef4a8d96c773
https://git.kernel.org/stable/c/4faff70959d51078f9ee8372f8cff0d7045e4114
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
https://cert-portal.siemens.com/productcert/html/ssa-032379.html