Name of the Vulnerable Software and Affected Versions Linux Kernel versions prior to v5.4.231

Description The issue concerns the validation of the addr parameter in the mdiobus get phy() function. This is an automated identification of a potential security issue, but the actual impact and attack plausibility have not been proven yet.

Recommendations For Linux Kernel versions prior to v5.4.231, update to version v5.4.231 or later to resolve the issue. As a temporary workaround, consider restricting access to the mdiobus get phy() function until a patch is available.