ghsa-vhm6-v69m-pxx6
Vulnerability from github
Published
2025-07-03 09:30
Modified
2025-07-03 09:30
Details

In the Linux kernel, the following vulnerability has been resolved:

net/mdiobus: Fix potential out-of-bounds read/write access

When using publicly available tools like 'mdio-tools' to read/write data from/to network interface and its PHY via mdiobus, there is no verification of parameters passed to the ioctl and it accepts any mdio address. Currently there is support for 32 addresses in kernel via PHY_MAX_ADDR define, but it is possible to pass higher value than that via ioctl. While read/write operation should generally fail in this case, mdiobus provides stats array, where wrong address may allow out-of-bounds read/write.

Fix that by adding address verification before read/write operation. While this excludes this access from any statistics, it improves security of read/write operation.

Show details on source website

To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2025-38111"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-03T09:15:24Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mdiobus: Fix potential out-of-bounds read/write access\n\nWhen using publicly available tools like \u0027mdio-tools\u0027 to read/write data\nfrom/to network interface and its PHY via mdiobus, there is no verification of\nparameters passed to the ioctl and it accepts any mdio address.\nCurrently there is support for 32 addresses in kernel via PHY_MAX_ADDR define,\nbut it is possible to pass higher value than that via ioctl.\nWhile read/write operation should generally fail in this case,\nmdiobus provides stats array, where wrong address may allow out-of-bounds\nread/write.\n\nFix that by adding address verification before read/write operation.\nWhile this excludes this access from any statistics, it improves security of\nread/write operation.",
  "id": "GHSA-vhm6-v69m-pxx6",
  "modified": "2025-07-03T09:30:33Z",
  "published": "2025-07-03T09:30:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38111"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/014ad9210373d2104f6ef10e6bb999a7a0a4c50e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/049af7ac45a6b407748ee0995278fd861e36df8f"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0e629694126ca388916f059453a1c36adde219c4"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/19c5875e26c4ed5686d82a7d8f7051385461b9eb"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/73d478234a619f3476028cb02dee699c30ae8262"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b02d9d2732483e670bc34cb233d28e1d43b15da4"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/bab6bca0834cbb5be2a7cfe59ec6ad016ec72608"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.