PT-2025-27293 · Linux+8 · Linux Kernel+8
Published
2025-06-28
·
Updated
2026-04-20
·
CVE-2025-38086
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions:
Linux kernel (affected versions not specified)
Description:
A vulnerability in the Linux kernel has been identified, specifically in the ch9200 network driver. The issue arises from the
mii nway restart() function, which calls mii->mdio read, also known as ch9200 mdio read(). This function uses a local buffer called buff, initialized by control read(). However, buff is conditionally initialized, and if the condition err == size is not met, buff remains uninitialized. As a result, buff is accessed and returned during ch9200 mdio read(), leading to uninitialized access. The problem is caused by ch9200 mdio read() ignoring the return value of control read(), resulting in uninitialized access of buff.Recommendations:
To fix this issue, check the return value of
control read() and return early on error in the ch9200 mdio read() function.Exploit
Fix
Use of Uninitialized Resource
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Almalinux
Centos
Debian
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Ubuntu