CVE-2025-38725
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
net: usb: asix_devices: add phy_mask for ax88772 mdio bus
Without setting phy_mask for ax88772 mdio bus, current driver may create at most 32 mdio phy devices with phy address range from 0x00 ~ 0x1f. DLink DUB-E100 H/W Ver B1 is such a device. However, only one main phy device will bind to net phy driver. This is creating issue during system suspend/resume since phy_polling_mode() in phy_state_machine() will directly deference member of phydev->drv for non-main phy devices. Then NULL pointer dereference issue will occur. Due to only external phy or internal phy is necessary, add phy_mask for ax88772 mdio bus to workarnoud the issue.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | e532a096be0e5e570b383e71d4560e7f04384e0f < 75947d3200de98a9ded9ad8972e02f1a177097fe | affected |
| Linux | Linux | e532a096be0e5e570b383e71d4560e7f04384e0f < 59ed6fbdb1bc03316e09493ffde7066f031c7524 | affected |
| Linux | Linux | e532a096be0e5e570b383e71d4560e7f04384e0f < ccef5ee4adf56472aa26bdd1f821a6d0cd06089a | affected |
| Linux | Linux | e532a096be0e5e570b383e71d4560e7f04384e0f < ee2cd40b0bb46056949a2319084a729d95389386 | affected |
| Linux | Linux | e532a096be0e5e570b383e71d4560e7f04384e0f < a754ab53993b1585132e871c5d811167ad3c52ff | affected |
| Linux | Linux | e532a096be0e5e570b383e71d4560e7f04384e0f < ad1f8313aeec0115f9978bd2d002ef4a8d96c773 | affected |
| Linux | Linux | e532a096be0e5e570b383e71d4560e7f04384e0f < 4faff70959d51078f9ee8372f8cff0d7045e4114 | affected |
| Linux | Linux | 5.14 | affected |
| Linux | Linux | 0 < 5.14 | unaffected |
| Linux | Linux | 5.15.190 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.149 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.103 <= 6.6.* | unaffected |
| Linux | Linux | 6.12.43 <= 6.12.* | unaffected |
| Linux | Linux | 6.15.11 <= 6.15.* | unaffected |
| Linux | Linux | 6.16.2 <= 6.16.* | unaffected |
| Linux | Linux | 6.17 <= * | unaffected |
Weaknesses
ADP Enrichment
CVE Program Container
Additional References
Additional References
References
- https://git.kernel.org/stable/c/75947d3200de98a9ded9ad8972e02f1a177097fe
- https://git.kernel.org/stable/c/59ed6fbdb1bc03316e09493ffde7066f031c7524
- https://git.kernel.org/stable/c/ccef5ee4adf56472aa26bdd1f821a6d0cd06089a
- https://git.kernel.org/stable/c/ee2cd40b0bb46056949a2319084a729d95389386
- https://git.kernel.org/stable/c/a754ab53993b1585132e871c5d811167ad3c52ff
- https://git.kernel.org/stable/c/ad1f8313aeec0115f9978bd2d002ef4a8d96c773
- https://git.kernel.org/stable/c/4faff70959d51078f9ee8372f8cff0d7045e4114
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.