914 matches found
CVE-2025-38725
CVE-2025-38725 affects the Linux kernel net: usb: asix_devices driver handling of ax88772 MDIO bus. Without a phy_mask, the driver could create up to 32 MDIO phy devices (addresses 0x00–0x1f). Only one main phy binds to the net phy driver, causing issues during suspend/resume where phy_polling_mo...
CVE-2025-38725 net: usb: asix_devices: add phy_mask for ax88772 mdio bus
In the Linux kernel, the following vulnerability has been resolved: net: usb: asixdevices: add phymask for ax88772 mdio bus Without setting phymask for ax88772 mdio bus, current driver may create at most 32 mdio phy devices with phy address range from 0x00 0x1f. DLink DUB-E100 H/W Ver B1 is such ...
net: phy: Don't register LEDs for genphy
...
phy: realtek: usb: fix NULL deref in rtk_usb2phy_probe
...
phy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode
...
scsi: mpi3mr: Fix corrupt config pages PHY state is switched in sysfs
...
PT-2025-35999
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw in the ftgmac100 phy disconnect function within the ftgmac100 module. A potential NULL pointer access could occur because netdev-phydev is reset to NUL...
PT-2025-39133
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to network device drivers. Specifically, the fec enet phy reset after clk enable function may experience a null pointer dereference NPD if of ph...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the ax88772 driver not setting phymask, which could lead to a null pointer dereference...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the ftgmac100 driver not handling phydev correctly after phydisconnect, which could lead to a null pointer...
scsi: pm80xx: Set phy->enable_completion only when we wait for it
...
CVE-2025-9581
A vulnerability was detected in Comfast CF-N1 2.6.0. This impacts the function multipppoe of the file /usr/bin/webmgnt. Performing manipulation of the argument phyinterface results in command injection. The attack may be initiated remotely. The exploit is now public and may be used...
Linux Distros Unpatched Vulnerability : CVE-2025-38537
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: phy: Don't register LEDs for genphy If a PHY has no driver, the genphy driver is...
Linux Distros Unpatched Vulnerability : CVE-2025-38535
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: phy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode When transitioning from...
PT-2025-44134
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A potential NULL pointer dereference exists in the mt7996 mac sta init link routine. The issue is addressed by verifying the phy pointer before executing mt7996 mac sta init link within...
Ubuntu 25.04 : Linux kernel (Azure) vulnerabilities (USN-7721-1)
"The remote Ubuntu 25.04 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7721-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in th...
CVE-2025-9581 Comfast CF-N1 webmgnt multi_pppoe command injection
A vulnerability was detected in Comfast CF-N1 2.6.0. This impacts the function multipppoe of the file /usr/bin/webmgnt. Performing manipulation of the argument phyinterface results in command injection. The attack may be initiated remotely. The exploit is now public and may be used...
CVE-2025-9581
The CVE-2025-9581 entry affects Comfast CF-N1 firmware 2.6.0, specifically the multi_pppoe function in /usr/bin/webmgnt. Root cause: manipulation of the phy_interface argument enables command injection, with remote initial access and a publicly available exploit. Several connected sources corrobo...
USN-7721-1: Linux kernel (Azure) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PA-RISC architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - x...
USN-7699-1 linux, linux-aws, linux-aws-6.14, linux-gcp, linux-gcp-6.14, linux-oracle, linux-oracle-6.14, linux-raspi, linux-realtime vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - RISC-V architecture; - x86 architecture; - Buffer Sharing and Synchronization framework; - DM...