{ "affected": [ { "ranges": [ { "events": [ { "introduced": "e24a6c874601efb3de6e535895dd8e4f56fa98f1" }, { "fixed": "ae59ec969c07c73f0610f8bd7e648f01e798d222" }, { "fixed": "44bcd397ad9cd1a6b25fabb7f5edbee4fb0cfc2e" }, { "fixed": "9ad90dd34b4e8e5be1e45a4559f4de0f14e53af2" }, { "fixed": "e88fbc30dda1cb7438515303704ceddb3ade4ecd" } ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "type": "GIT" } ] } ], "database_specific": { "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38726.json" }, "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ftgmac100: fix potential NULL pointer access in ftgmac100_phy_disconnect\n\nAfter the call to phy_disconnect() netdev-\u003ephydev is reset to NULL.\nSo fixed_phy_unregister() would be called with a NULL pointer as argument.\nTherefore cache the phy_device before this call.", "id": "CVE-2025-38726", "modified": "2026-04-01T23:08:47.581707975Z", "published": "2025-09-04T15:33:24.527Z", "references": [ { "type": "WEB", "url": "https://git.kernel.org/stable/c/44bcd397ad9cd1a6b25fabb7f5edbee4fb0cfc2e" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/9ad90dd34b4e8e5be1e45a4559f4de0f14e53af2" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/ae59ec969c07c73f0610f8bd7e648f01e798d222" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/e88fbc30dda1cb7438515303704ceddb3ade4ecd" }, { "type": "ADVISORY", "url": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38726.json" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38726" }, { "type": "PACKAGE", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git" } ], "schema_version": "1.7.3", "summary": "net: ftgmac100: fix potential NULL pointer access in ftgmac100_phy_disconnect" }