CVE-2025-38086

*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> net: ch9200: fix uninitialised access during mii_nway_restart<br /> <br /> In mii_nway_restart() the code attempts to call<br /> mii-&gt;mdio_read which is ch9200_mdio_read(). ch9200_mdio_read()<br /> utilises a local buffer called "buff", which is initialised<br /> with control_read(). However "buff" is conditionally<br /> initialised inside control_read():<br /> <br /> if (err == size) {<br /> memcpy(data, buf, size);<br /> }<br /> <br /> If the condition of "err == size" is not met, then<br /> "buff" remains uninitialised. Once this happens the<br /> uninitialised "buff" is accessed and returned during<br /> ch9200_mdio_read():<br /> <br /> return (buff[0] | buff[1]