CVE-2025-38726

Summary

In the Linux kernel, the following vulnerability has been resolved:

net: ftgmac100: fix potential NULL pointer access in ftgmac100_phy_disconnect

After the call to phy_disconnect() netdev->phydev is reset to NULL. So fixed_phy_unregister() would be called with a NULL pointer as argument. Therefore cache the phy_device before this call.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxe24a6c874601efb3de6e535895dd8e4f56fa98f1 < ae59ec969c07c73f0610f8bd7e648f01e798d222affected
LinuxLinuxe24a6c874601efb3de6e535895dd8e4f56fa98f1 < 44bcd397ad9cd1a6b25fabb7f5edbee4fb0cfc2eaffected
LinuxLinuxe24a6c874601efb3de6e535895dd8e4f56fa98f1 < 9ad90dd34b4e8e5be1e45a4559f4de0f14e53af2affected
LinuxLinuxe24a6c874601efb3de6e535895dd8e4f56fa98f1 < e88fbc30dda1cb7438515303704ceddb3ade4ecdaffected
LinuxLinux6.12affected
LinuxLinux0 < 6.12unaffected
LinuxLinux6.12.43 <= 6.12.*unaffected
LinuxLinux6.15.11 <= 6.15.*unaffected
LinuxLinux6.16.2 <= 6.16.*unaffected
LinuxLinux6.17 <= *unaffected

Weaknesses

References