CVE-2025-38422

Description

In the Linux kernel, the following vulnerability has been resolved: net: lan743x: Modify the EEPROM and OTP size for PCI1xxxx devices Maximum OTP and EEPROM size for hearthstone PCI1xxxx devices are 8 Kb and 64 Kb respectively. Adjust max size definitions and return correct EEPROM length based on device. Also prevent out-of-bound read/write.

Reserved 2025-04-16 | Published 2025-07-25 | Updated 2025-07-25 | Assigner Linux

Product status

Default status
unaffected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 6b4201d74d0a49af2123abf2c9d142e59566714b
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 088279ff18cdc437d6fac5890e0c52c624f78a5b
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 51318d644c993b3f7a60b8616a6a5adc1e967cd2
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 9c41d2a2aa3817946eb613522200cab55513ddaa
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 3b9935586a9b54d2da27901b830d3cf46ad66a1e
affected

Default status
affected

6.1.142
unaffected

6.6.95
unaffected

6.12.35
unaffected

6.15.4
unaffected

6.16-rc1
unaffected

References

git.kernel.org/...c/6b4201d74d0a49af2123abf2c9d142e59566714b

git.kernel.org/...c/088279ff18cdc437d6fac5890e0c52c624f78a5b

git.kernel.org/...c/51318d644c993b3f7a60b8616a6a5adc1e967cd2

git.kernel.org/...c/9c41d2a2aa3817946eb613522200cab55513ddaa

git.kernel.org/...c/3b9935586a9b54d2da27901b830d3cf46ad66a1e

cve.org (CVE-2025-38422)

nvd.nist.gov (CVE-2025-38422)

Download JSON