Acknowledged
Created: Sep 7, 2025
Updated: Sep 8, 2025
Found In Version: 10.23.30.1
Severity: Standard
Applicable for: Wind River Linux LTS 23
Component/s: Kernel
In the Linux kernel, the following vulnerability has been resolved:EOL][EOL]net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization[EOL][EOL]Syzbot reported shift-out-of-bounds exception on MDIO bus initialization.[EOL][EOL]The PHY address should be masked to 5 bits (0-31). Without this[EOL]mask, invalid PHY addresses could be used, potentially causing issues[EOL]with MDIO bus operations.[EOL][EOL]Fix this by masking the PHY address with 0x1f (31 decimal) to ensure[EOL]it stays within the valid range.
CREATE(Triage):(User=admin) [CVE-2025-38736 (https://nvd.nist.gov/vuln/detail/CVE-2025-38736)
