914 matches found
CVE-2025-71094
In the Linux kernel, the following vulnerability has been resolved: net: usb: asix: validate PHY address before use The ASIX driver reads the PHY address from the USB device via asixreadphyaddr. A malicious or faulty device can return an invalid address = PHYMAXADDR, which causes a warning in...
CVE-2025-71094
In the Linux kernel, the following vulnerability has been resolved: net: usb: asix: validate PHY address before use The ASIX driver reads the PHY address from the USB device via asixreadphyaddr. A malicious or faulty device can return an invalid address = PHYMAXADDR, which causes a warning in...
UBUNTU-CVE-2025-71094
In the Linux kernel, the following vulnerability has been resolved: net: usb: asix: validate PHY address before use The ASIX driver reads the PHY address from the USB device via asixreadphyaddr. A malicious or faulty device can return an invalid address = PHYMAXADDR, which causes a warning in...
CVE-2025-71094 net: usb: asix: validate PHY address before use
In the Linux kernel, the following vulnerability has been resolved: net: usb: asix: validate PHY address before use The ASIX driver reads the PHY address from the USB device via asixreadphyaddr. A malicious or faulty device can return an invalid address = PHYMAXADDR, which causes a warning in...
CVE-2025-71094
In the Linux kernel, the following vulnerability has been resolved: net: usb: asix: validate PHY address before use The ASIX driver reads the PHY address from the USB device via asixreadphyaddr. A malicious or faulty device can return an invalid address = PHYMAXADDR, which causes a warning in...
CVE-2025-71094
CVE-2025-71094: In the Linux kernel, the ASIX USB Ethernet driver (net: usb: asix) could read an invalid PHY address from a USB device (address >= PHY_MAX_ADDR), triggering a warning in mdiobus_get_phy. The fix validates the PHY address in asix_read_phy_addr() and removes the now-redundant che...
CVE-2025-71094 net: usb: asix: validate PHY address before use
In the Linux kernel, the following vulnerability has been resolved: net: usb: asix: validate PHY address before use The ASIX driver reads the PHY address from the USB device via asixreadphyaddr. A malicious or faulty device can return an invalid address = PHYMAXADDR, which causes a warning in...
Linux Distros Unpatched Vulnerability : CVE-2025-71094
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: usb: asix: validate PHY address before use The ASIX driver reads the PHY address from t...
PT-2026-2615
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The ASIX driver in the Linux kernel does not properly validate the PHY address read from a USB device via the asix read phy addr function. A malicious or faulty device could return an...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000527)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000527 advisory. In the Linux kernel through 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas/sasdiscover.c because of mishandling of port disconnection during...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000362)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000362 advisory. In the Linux kernel through 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas/sasdiscover.c because of mishandling of port disconnection during...
PT-2026-6151
In the Linux kernel, the following vulnerability has been resolved: net: phy: intel-xway: fix OF node refcount leakage Automated review spotted am OF node reference count leakage when checking if the 'leds' child node exists. Call of put node to correctly maintain the refcount...
PT-2026-27733
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to a potential AB-BA deadlock when both LEDS TRIGGER NETDEV and LED TRIGGER PHY are enabled. The issue occurs during the registration of PHY LED...
SUSE CVE-2023-54229
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix registration of 6Ghz-only phy without the full channel range Because of what seems to be a typo, a 6Ghz-only phy for which the BDF does not allow the 7115Mhz channel will fail to register: WARNING: CPU: 2 PID: 1...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993008)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993008 advisory. In the Linux kernel, the following vulnerability has been resolved: net: phy: fix null-ptr-deref while probe failed I got a null-ptr-deref report as following when...
CVE-2022-50818
In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix runningreq for internal abort commands Disabling the remote phy for a SATA disk causes a hang: root@none$ more /sys/class/sasphy/phy-0:0:8/targetportprotocols sata root@none$ echo 0...
CVE-2023-54229 wifi: ath11k: fix registration of 6Ghz-only phy without the full channel range
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix registration of 6Ghz-only phy without the full channel range Because of what seems to be a typo, a 6Ghz-only phy for which the BDF does not allow the 7115Mhz channel will fail to register: WARNING: CPU: 2 PID: 1...
CVE-2023-54229 wifi: ath11k: fix registration of 6Ghz-only phy without the full channel range
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix registration of 6Ghz-only phy without the full channel range Because of what seems to be a typo, a 6Ghz-only phy for which the BDF does not allow the 7115Mhz channel will fail to register: WARNING: CPU: 2 PID: 1...
CVE-2022-50818 scsi: pm8001: Fix running_req for internal abort commands
In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix runningreq for internal abort commands Disabling the remote phy for a SATA disk causes a hang: root@none$ more /sys/class/sasphy/phy-0:0:8/targetportprotocols sata root@none$ echo 0...
CVE-2022-50818
CVE-2022-50818 concerns the Linux kernel SCSI PM8001 subsystem. The fixed issue is in the per-device running_req accounting for internal abort commands: a race/defect prevented running_req from decrementing after internal abort completion, causing a hang in SAS/SATA paths (notably when disabling ...