CVE-2025-38092

Summary

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: use list_first_entry_or_null for opinfo_get_list()

The list_first_entry() macro never returns NULL. If the list is empty then it returns an invalid pointer. Use list_first_entry_or_null() to check if the list is empty.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux296cb5457cc6f4a754c4ae29855f8a253d52bcc6 < c78abb646ff823e7d22faad4cc0703d4484da9e8affected
LinuxLinuxd54ab1520d43e95f9b2e22d7a05fc9614192e5a5 < 334da674b25fdb7a1a4d4b89dcd7795144fc7e11affected
LinuxLinuxd73686367ad68534257cd88a36ca3c52cb8b81d8 < cb7e06e9736d73007dc8dab7b353733bb37df86baffected
LinuxLinux18b4fac5ef17f77fed9417d22210ceafd6525fc7 < 10379171f346e6f61d30d9949500a8de4336444aaffected
LinuxLinux6.6.88 < 6.6.93affected
LinuxLinux6.12.25 < 6.12.32affected
LinuxLinux6.14.4 < 6.14.10affected

Weaknesses

References