Description

In the Linux kernel, the following vulnerability has been resolved: net: lan743x: Modify the EEPROM and OTP size for PCI1xxxx devices Maximum OTP and EEPROM size for hearthstone PCI1xxxx devices are 8 Kb and 64 Kb respectively. Adjust max size definitions and return correct EEPROM length based on device. Also prevent out-of-bound read/write.

INFO

Published Date :

2025-07-25T14:16:43.109Z

Last Modified :

2025-11-03T17:37:52.511Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2025-38422 vulnerability.

Vendors Products
Debian
  • Debian Linux
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-38422.

URL Resource
https://git.kernel.org/stable/c/088279ff18cdc437d6fac5890e0c52c624f78a5b cve-icon cve-icon
https://git.kernel.org/stable/c/3b9935586a9b54d2da27901b830d3cf46ad66a1e cve-icon cve-icon
https://git.kernel.org/stable/c/51318d644c993b3f7a60b8616a6a5adc1e967cd2 cve-icon cve-icon
https://git.kernel.org/stable/c/6b4201d74d0a49af2123abf2c9d142e59566714b cve-icon cve-icon
https://git.kernel.org/stable/c/9c41d2a2aa3817946eb613522200cab55513ddaa cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html cve-icon
https://lore.kernel.org/linux-cve-announce/2025072554-CVE-2025-38422-5d9b@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-38422 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-38422 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact