-

CVE-2025-71094

EPSS 0.03%
Veröffentlicht 13.01.2026 15:34:54
Zuletzt bearbeitet 19.01.2026 13:16:17
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

net: usb: asix: validate PHY address before use

The ASIX driver reads the PHY address from the USB device via
asix_read_phy_addr(). A malicious or faulty device can return an
invalid address (>= PHY_MAX_ADDR), which causes a warning in
mdiobus_get_phy():

  addr 207 out of range
  WARNING: drivers/net/phy/mdio_bus.c:76

Validate the PHY address in asix_read_phy_addr() and remove the
now-redundant check in ax88172a.c.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 9

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < fc96018f09f8d30586ca6582c5045a84eafef146

Version 7e88b11a862afe59ee0c365123ea5fb96a26cb3b

Status affected

Version < f5f4f30f3811d37e1aa48667c36add74e5a8d99f

Version 7e88b11a862afe59ee0c365123ea5fb96a26cb3b

Status affected

Version < 38722e69ee64dbb020028c93898d25d6f4c0e0b2

Version 7e88b11a862afe59ee0c365123ea5fb96a26cb3b

Status affected

Version < 98a12c2547a44a5f03f35c108d2022cc652cbc4d

Version 7e88b11a862afe59ee0c365123ea5fb96a26cb3b

Status affected

Version < bf8a0f3b787ca7c5889bfca12c60c483041fbee3

Version 7e88b11a862afe59ee0c365123ea5fb96a26cb3b

Status affected

Version < a1e077a3f76eea0dc671ed6792e7d543946227e8

Version 7e88b11a862afe59ee0c365123ea5fb96a26cb3b

Status affected

Version 4e4f3cb41d687bd64cd03358862b23c84d82329e

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.14

Status affected

Version < 5.14

Version 0

Status unaffected

Version <= 5.15.*

Version 5.15.198

Status unaffected

Version <= 6.1.*

Version 6.1.160

Status unaffected

Version <= 6.6.*

Version 6.6.120

Status unaffected

Version <= 6.12.*

Version 6.12.64

Status unaffected

Version <= 6.18.*

Version 6.18.4

Status unaffected

Version <= *

Version 6.19-rc4

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.088

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/f5f4f30f3811d37e1aa48667c36add74e5a8d99f

https://git.kernel.org/stable/c/38722e69ee64dbb020028c93898d25d6f4c0e0b2

https://git.kernel.org/stable/c/98a12c2547a44a5f03f35c108d2022cc652cbc4d

https://git.kernel.org/stable/c/bf8a0f3b787ca7c5889bfca12c60c483041fbee3

https://git.kernel.org/stable/c/a1e077a3f76eea0dc671ed6792e7d543946227e8

https://git.kernel.org/stable/c/fc96018f09f8d30586ca6582c5045a84eafef146

https://nvd.nist.gov/vuln/detail/CVE-2025-71094

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-71094

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-71094

EUVD