CVE-2025-38726

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw in the ftgmac100 phy disconnect function within the ftgmac100 module. A potential NULL pointer access could occur because netdev->phydev is reset to NULL after calling phy disconnect(), leading to fixed phy unregister() being called with a NULL pointer argument. The issue is resolved by caching the phy device before the call to phy disconnect().

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.