CVE-2025-38726: 
MinimOS vulnerability analysis and mitigation

CVE-2025-38726 is a vulnerability discovered in the Linux kernel, specifically affecting the ftgmac100 network driver component. The vulnerability was disclosed on September 4, 2025, and involves a potential NULL pointer access issue in the ftgmac100phydisconnect function (NVD, Ubuntu Security).

The vulnerability occurs in the network driver's PHY (Physical Layer) disconnect functionality. After calling phydisconnect(), the netdev->phydev is reset to NULL, which could lead to fixedphyunregister() being called with a NULL pointer argument. The issue requires caching the phydevice before the disconnect call to prevent the NULL pointer access (Debian Security).

The vulnerability affects various Linux distributions including Ubuntu 25.04 plucky and specific versions of Debian. Several kernel packages are marked as vulnerable, including linux-aws, linux-azure, linux-gcp, and linux-oracle in certain distributions (Ubuntu Security).

Multiple Linux distributions have released fixes for this vulnerability. Debian has fixed the issue in versions 6.12.43-1 for trixie and 6.16.3-1 for forky. Ubuntu has marked several LTS releases as not affected, including 24.04 noble, 22.04 jammy, 20.04 focal, and 18.04 bionic (Debian Security, Ubuntu Security).