CVE-2025-71094
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
net: usb: asix: validate PHY address before use
The ASIX driver reads the PHY address from the USB device via asix_read_phy_addr(). A malicious or faulty device can return an invalid address (>= PHY_MAX_ADDR), which causes a warning in mdiobus_get_phy():
addr 207 out of range WARNING: drivers/net/phy/mdio_bus.c:76
Validate the PHY address in asix_read_phy_addr() and remove the now-redundant check in ax88172a.c.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 7e88b11a862afe59ee0c365123ea5fb96a26cb3b < fc96018f09f8d30586ca6582c5045a84eafef146 | affected |
| Linux | Linux | 7e88b11a862afe59ee0c365123ea5fb96a26cb3b < f5f4f30f3811d37e1aa48667c36add74e5a8d99f | affected |
| Linux | Linux | 7e88b11a862afe59ee0c365123ea5fb96a26cb3b < 38722e69ee64dbb020028c93898d25d6f4c0e0b2 | affected |
| Linux | Linux | 7e88b11a862afe59ee0c365123ea5fb96a26cb3b < 98a12c2547a44a5f03f35c108d2022cc652cbc4d | affected |
| Linux | Linux | 7e88b11a862afe59ee0c365123ea5fb96a26cb3b < bf8a0f3b787ca7c5889bfca12c60c483041fbee3 | affected |
| Linux | Linux | 7e88b11a862afe59ee0c365123ea5fb96a26cb3b < a1e077a3f76eea0dc671ed6792e7d543946227e8 | affected |
| Linux | Linux | 4e4f3cb41d687bd64cd03358862b23c84d82329e | affected |
| Linux | Linux | 5.13.13 < 5.14 | affected |
| Linux | Linux | 5.14 | affected |
| Linux | Linux | 0 < 5.14 | unaffected |
| Linux | Linux | 5.15.198 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.160 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.120 <= 6.6.* | unaffected |
| Linux | Linux | 6.12.64 <= 6.12.* | unaffected |
| Linux | Linux | 6.18.4 <= 6.18.* | unaffected |
| Linux | Linux | 6.19 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/fc96018f09f8d30586ca6582c5045a84eafef146
- https://git.kernel.org/stable/c/f5f4f30f3811d37e1aa48667c36add74e5a8d99f
- https://git.kernel.org/stable/c/38722e69ee64dbb020028c93898d25d6f4c0e0b2
- https://git.kernel.org/stable/c/98a12c2547a44a5f03f35c108d2022cc652cbc4d
- https://git.kernel.org/stable/c/bf8a0f3b787ca7c5889bfca12c60c483041fbee3
- https://git.kernel.org/stable/c/a1e077a3f76eea0dc671ed6792e7d543946227e8
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.