VDB
CVE-2025-38726
CVE-2025-38726
PUBLISHED
CVSS 5.5 MEDIUM
In the Linux kernel, the following vulnerability has been resolved: net: ftgmac100: fix potential NULL pointer access in ftgmac100_phy_disconnect After the call to phy_disconnect() netdev->phydev is reset to NULL. So fixed_phy_unregister() would be called with a NULL pointer as argument. Therefore cache the phy_device before this call.
EPSS 0.02% · 7.1th percentile
Risk Scores
CVSS 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.02%
7.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| linux | linux_kernel | 6.12, 6.12, 6.12 |
| Linux | Linux | e24a6c874601efb3de6e535895dd8e4f56fa98f1, e24a6c874601efb3de6e535895dd8e4f56fa98f1, e24a6c874601efb3de6e535895dd8e4f56fa98f1 |
Exploit Intelligence
- CIRCL seen: CVE-2025-38726 (circl-sighting)
- https://git.kernel.org/stable/c/ae59ec969c07c73f0610f8bd7e648f01e798d222 (circl)
- https://git.kernel.org/stable/c/44bcd397ad9cd1a6b25fabb7f5edbee4fb0cfc2e (circl)
- https://git.kernel.org/stable/c/9ad90dd34b4e8e5be1e45a4559f4de0f14e53af2 (circl)
- https://git.kernel.org/stable/c/e88fbc30dda1cb7438515303704ceddb3ade4ecd (circl)
Timeline
- Jan 21, 1970 Security Advisory
- Sep 4, 2025 Coalition ESS Score
- Sep 4, 2025 CVE Published
- Sep 4, 2025 PoC Published
- Sep 5, 2025 EPSS Score
- Sep 5, 2025 Coalition ESS Score
- Sep 12, 2025 EPSS Score
- Sep 20, 2025 EPSS Score
- Sep 27, 2025 EPSS Score
- Oct 4, 2025 Coalition ESS Score
- Oct 5, 2025 EPSS Score
- Oct 6, 2025 Coalition ESS Score
References
- https://git.kernel.org/stable/c/ae59ec969c07c73f0610f8bd7e648f01e798d222 url
- https://git.kernel.org/stable/c/44bcd397ad9cd1a6b25fabb7f5edbee4fb0cfc2e url
- https://git.kernel.org/stable/c/9ad90dd34b4e8e5be1e45a4559f4de0f14e53af2 url
- https://git.kernel.org/stable/c/e88fbc30dda1cb7438515303704ceddb3ade4ecd url
- https://nvd.nist.gov/vuln/detail/CVE-2025-38726 advisory