Linux Kernel Out-of-Bounds Read/Write Vulnerability in net/mdiobus

A vulnerability allowing out-of-bounds read and write access has been identified in the Linux kernel's net/mdiobus component. This issue arises when using 'mdio-tools' to interact with network interfaces and their PHYs via the mdiobus. The vulnerability exists because the ioctl parameters are not properly validated, allowing any MDIO address to be accepted. While the kernel supports 32 addresses, it is possible to specify a higher value through ioctl. Although read/write operations should typically fail in this scenario, the mdiobus stats array can be manipulated to enable out-of-bounds access. The vulnerability has been addressed by implementing address verification before read/write operations, enhancing the security of these operations.

Impact

Exploitation of this vulnerability could lead to arbitrary memory access, allowing for potential memory corruption or manipulation of kernel data structures.