-

CVE-2025-38725

EPSS 0.04%
Veröffentlicht 04.09.2025 15:33:23
Zuletzt bearbeitet 05.09.2025 17:47:24
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

net: usb: asix_devices: add phy_mask for ax88772 mdio bus

Without setting phy_mask for ax88772 mdio bus, current driver may create
at most 32 mdio phy devices with phy address range from 0x00 ~ 0x1f.
DLink DUB-E100 H/W Ver B1 is such a device. However, only one main phy
device will bind to net phy driver. This is creating issue during system
suspend/resume since phy_polling_mode() in phy_state_machine() will
directly deference member of phydev->drv for non-main phy devices. Then
NULL pointer dereference issue will occur. Due to only external phy or
internal phy is necessary, add phy_mask for ax88772 mdio bus to workarnoud
the issue.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 10

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 75947d3200de98a9ded9ad8972e02f1a177097fe

Version e532a096be0e5e570b383e71d4560e7f04384e0f

Status affected

Version < 59ed6fbdb1bc03316e09493ffde7066f031c7524

Version e532a096be0e5e570b383e71d4560e7f04384e0f

Status affected

Version < ccef5ee4adf56472aa26bdd1f821a6d0cd06089a

Version e532a096be0e5e570b383e71d4560e7f04384e0f

Status affected

Version < ee2cd40b0bb46056949a2319084a729d95389386

Version e532a096be0e5e570b383e71d4560e7f04384e0f

Status affected

Version < a754ab53993b1585132e871c5d811167ad3c52ff

Version e532a096be0e5e570b383e71d4560e7f04384e0f

Status affected

Version < ad1f8313aeec0115f9978bd2d002ef4a8d96c773

Version e532a096be0e5e570b383e71d4560e7f04384e0f

Status affected

Version < 4faff70959d51078f9ee8372f8cff0d7045e4114

Version e532a096be0e5e570b383e71d4560e7f04384e0f

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.14

Status affected

Version < 5.14

Version 0

Status unaffected

Version <= 5.15.*

Version 5.15.190

Status unaffected

Version <= 6.1.*

Version 6.1.149

Status unaffected

Version <= 6.6.*

Version 6.6.103

Status unaffected

Version <= 6.12.*

Version 6.12.43

Status unaffected

Version <= 6.15.*

Version 6.15.11

Status unaffected

Version <= 6.16.*

Version 6.16.2

Status unaffected

Version <= *

Version 6.17-rc2

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.092

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/75947d3200de98a9ded9ad8972e02f1a177097fe

https://git.kernel.org/stable/c/59ed6fbdb1bc03316e09493ffde7066f031c7524

https://git.kernel.org/stable/c/ccef5ee4adf56472aa26bdd1f821a6d0cd06089a

https://git.kernel.org/stable/c/ee2cd40b0bb46056949a2319084a729d95389386

https://git.kernel.org/stable/c/a754ab53993b1585132e871c5d811167ad3c52ff

https://git.kernel.org/stable/c/ad1f8313aeec0115f9978bd2d002ef4a8d96c773

https://git.kernel.org/stable/c/4faff70959d51078f9ee8372f8cff0d7045e4114

https://nvd.nist.gov/vuln/detail/CVE-2025-38725

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-38725

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-38725

EUVD