PT-2025-28992 · Linux+5 · Linux Kernel+5

Published

2025-06-02

·

Updated

2026-05-26

·

CVE-2025-38272

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: The Linux kernel contains an issue within the networking subsystem, specifically related to the b53 driver for Broadcom BCM63xx switches. The driver attempts to enable Energy Efficient Ethernet (EEE) on switches that do not support it, leading to system hangs when accessing non-existent EEE registers. This occurs when external PHYs connected to the switch are EEE capable. The fix involves verifying switch support for EEE before configuration.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Buffer Overflow

Weakness Enumeration

CWE-119

Related Identifiers

AZL-65006
AZL-70654
BDU:2025-10308
CVE-2025-38272
DSA-6008-1
ECHO-102F-A50E-F597
OPENSUSE-SU-2025:20081-1
SUSE-SU-2025:02853-1
SUSE-SU-2025:02923-1
SUSE-SU-2025:02969-1
SUSE-SU-2025:02996-1
SUSE-SU-2025:02997-1
SUSE-SU-2025:03011-1
SUSE-SU-2025:03023-1
SUSE-SU-2025:20577-1
SUSE-SU-2025:20586-1
SUSE-SU-2025:20601-1
SUSE-SU-2025:20602-1
SUSE-SU-2025:21074-1
SUSE-SU-2025:21139-1
SUSE-SU-2025:21179-1
SUSE-SU-2025_02853-1
SUSE-SU-2025_02969-1
SUSE-SU-2025_02996-1
SUSE-SU-2025_02997-1
SUSE-SU-2025_03011-1
SUSE-SU-2025_03023-1
USN-7769-1
USN-7769-2
USN-7769-3
USN-7770-1
USN-7771-1
USN-7789-1
USN-7789-2

Affected Products

Broadcom Bcm63Xx
Debian
Linuxmint
Linux Kernel
Suse
Ubuntu