Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Fixed potential null pointer dereferencing. In functions lan8814getsigrx and lan8814getsigtx, ptpparseheader may return NULL due to abnormal packet types or corrupted packets. This bug has been fixed by adding a...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Allow probing without .driverdata Currently, if the .probe element is present in the phydriver structure and there is no .driverdata, a NULL pointer dereferencing occurs. By inserting NULL checks for priv-type, ...

ROS-20260112-7344

A vulnerability in the ks8851irq function of the drivers/net/ethernet/micrel/ks8851common.c module of the Linux operating system kernel is related to insufficient resource locking. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVE-2025-40239

CVE-2025-40239 pertains to the Linux kernel’s LAN8814 PHY handling. The issue stems from the LAN8814 PTP probe where shared->phydev is only set if the PTP clock is actually configured; if not, IRQ handling may access a NULL shared->phydev, risking a crash. The documented fix is to always se...

CVE-2025-40239 net: phy: micrel: always set shared->phydev for LAN8814

In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: always set shared-phydev for LAN8814 Currently, during the LAN8814 PTP probe shared-phydev is only set if PTP clock gets actually set, otherwise the function will return before setting it. This is an issue as...

PT-2025-49066

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the LAN8814 network PHY. Specifically, the shared-phydev pointer is not always initialized during the PTP probe, leading to a potential NULL...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988868)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988868 advisory. In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Allow probing without .driverdata Currently, if the .probe element is present i...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990175)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990175 advisory. In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Allow probing without .driverdata Currently, if the .probe element is present i...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986657)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986657 advisory. In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Allow probing without .driverdata Currently, if the .probe element is present i...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-986336)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986336 advisory. In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Allow probing without .driverdata Currently, if the .probe element is present i...

EUVD-2022-54757

Malicious code in bioql PyPI...

kernel: net: phy: micrel: Fix potential null pointer dereference

In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Fix potential null pointer dereference In lan8814getsigrx and lan8814getsigtx ptpparseheader may return NULL as ptpheader due to abnormal packet type or corrupted packet. Fix this bug by adding ptpheader check...

SUSE CVE-2022-49472

In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Allow probing without .driverdata Currently, if the .probe element is present in the phydriver structure and the .driverdata is not, a NULL pointer dereference happens. Allow passing .probe without .driverdata b...

DEBIAN-CVE-2022-49472

In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Allow probing without .driverdata Currently, if the .probe element is present in the phydriver structure and the .driverdata is not, a NULL pointer dereference happens. Allow passing .probe without .driverdata b...

UBUNTU-CVE-2022-49472

In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Allow probing without .driverdata Currently, if the .probe element is present in the phydriver structure and the .driverdata is not, a NULL pointer dereference happens. Allow passing .probe without .driverdata b...

CVE-2022-49472 net: phy: micrel: Allow probing without .driver_data

In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Allow probing without .driverdata Currently, if the .probe element is present in the phydriver structure and the .driverdata is not, a NULL pointer dereference happens. Allow passing .probe without .driverdata b...

CVE-2022-49472 net: phy: micrel: Allow probing without .driver_data

In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Allow probing without .driverdata Currently, if the .probe element is present in the phydriver structure and the .driverdata is not, a NULL pointer dereference happens. Allow passing .probe without .driverdata b...

CVE-2022-49472

CVE-2022-49472 affects the Linux kernel PHY Micrel driver: if a .probe is present and .driver_data is missing, a NULL pointer dereference can occur. The fix adds NULL checks for priv->type to allow probing without .driver_data. Connected advisories (Astra/Unity Linux) reference Linux kernel ve...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a missing check for priv-type in the micrel phy driver, which could lead to a null pointer dereference...

The vulnerability of the micrel component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the micrel component in the Linux operating system’s kernel is related to a memory corruption in the lan8841suspend function. Exploiting this vulnerability can allow an attacker to cause a service failure...