CVE-2025-38111

HIGH

Linux Kernel - Out-of-bounds Read/Write via MDIO Address Parameter

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: net/mdiobus: Fix potential out-of-bounds read/write access When using publicly available tools like 'mdio-tools' to read/write data from/to network interface and its PHY via mdiobus, there is no verification of parameters passed to the ioctl and it accepts any mdio address. Currently there is support for 32 addresses in kernel via PHY_MAX_ADDR define, but it is possible to pass higher value than that via ioctl. While read/write operation should generally fail in this case, mdiobus provides stats array, where wrong address may allow out-of-bounds read/write. Fix that by adding address verification before read/write operation. While this excludes this access from any statistics, it improves security of read/write operation.

References (10)

Core 10
Core References

Scores

CVSS v3 7.1
EPSS 0.0018
EPSS Percentile 7.5%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Details

CWE
CWE-125
Status published
Products (25)
debian/debian_linux 11.0
linux/Kernel 5.11.0 - 5.15.186linux
linux/Kernel 5.16.0 - 6.1.142linux
linux/Kernel 5.6.0 - 5.10.239linux
linux/Kernel 6.13.0 - 6.15.3linux
linux/Kernel 6.2.0 - 6.6.94linux
linux/Kernel 6.7.0 - 6.12.34linux
Linux/Linux < 5.6
Linux/Linux 080bb352fad00d04995102f681b134e3754bfb6e - 014ad9210373d2104f6ef10e6bb999a7a0a4c50e
Linux/Linux 080bb352fad00d04995102f681b134e3754bfb6e - 049af7ac45a6b407748ee0995278fd861e36df8f
... and 15 more
Published Jul 03, 2025
Tracked Since Feb 18, 2026