Linux kernel
cpe:2.3:o:kernel:linux_kernel:*:*:*:*:*:*:*
A vulnerability exists in the Linux kernel's handling of the AX88772 MDIO bus within the Asix devices driver. This issue can lead to a NULL pointer dereference during system suspend and resume operations. The problem arises because the driver, without a properly set phy_mask, may create up to 32 MDIO PHY devices with addresses ranging from 0x00 to 0x1F. The D-Link DUB-E100 hardware version B1 is an example of a device affected by this issue. Only the main PHY device binds to the network PHY driver, so the non-main PHY devices are improperly managed during system sleep cycles. The vulnerability has been addressed by adding a phy_mask for the AX88772 MDIO bus, ensuring that only the necessary internal or external PHY devices are active.
The vulnerability can be exploited to cause a NULL pointer dereference, leading to a system crash or instability.
To reproduce this vulnerability, connect a D-Link DUB-E100 H/W Ver B1 device to a system running an affected version of the Linux kernel. During the initialization of the AX88772 MDIO bus, the driver will create multiple MDIO PHY devices without a proper phy_mask, allowing non-main PHY devices to cause a NULL pointer dereference when the system is suspended and resumed.
The vulnerability has been fixed in the Linux kernel. Users should upgrade to the latest version where this issue has been addressed.
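A check for the condition described above, as an added example that is not part of the original advisory or of the kernel source: it counts, per MDIO bus, the PHY devices that have no driver bound. It assumes the standard sysfs location /sys/bus/mdio_bus/devices and device names of the form <bus id>:<address>; the function name is hypothetical.

```shell
#!/bin/sh
# Added example: report MDIO buses that carry PHY devices with no driver bound.
# Assumption: devices appear under /sys/bus/mdio_bus/devices as "<bus id>:<addr>"
# and a bound device has a "driver" entry inside its directory.
# Output: one line per bus, "<bus id> <number of unbound PHY devices>".
unbound_mdio_phys() {
    dir="${1:-/sys/bus/mdio_bus/devices}"
    [ -d "$dir" ] || return 0               # no MDIO bus registered on this system
    for dev in "$dir"/*; do
        [ -e "$dev" ] || continue           # empty directory: the glob did not match
        [ -e "$dev/driver" ] && continue    # bound to a PHY driver, nothing to report
        name=${dev##*/}
        printf '%s\n' "${name%:*}"          # bus id = name without the trailing ":addr"
    done | sort | uniq -c | awk '{ print $2, $1 }'
}

# Run against the live system, or against a directory given as first argument.
unbound_mdio_phys "$@"
```

A bus that reports many unbound PHY devices matches the situation the advisory describes. With the phy_mask fix in place, only the internal or external PHY addresses can appear on the AX88772 bus.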