CVE-2025-38289
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk
Smatch detected a potential use-after-free of an ndlp oject in dev_loss_tmo_callbk during driver unload or fatal error handling.
Fix by reordering code to avoid potential use-after-free if initial nodelist reference has been previously removed.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | e4913d4bc59227fbdfe6b8f5541f49aaea1cb41c < ea405fb4144985d5c60f49c2abd9ba47ea44fdb4 | affected |
| Linux | Linux | 4281f44ea8bfedd25938a0031bebba1473ece9ad < 4f09940b5581e44069eb31a66cf7f05c3c35ed04 | affected |
| Linux | Linux | 4281f44ea8bfedd25938a0031bebba1473ece9ad < b5162bb6aa1ec04dff4509b025883524b6d7e7ca | affected |
| Linux | Linux | 6.12.5 < 6.12.37 | affected |
| Linux | Linux | 6.13 | affected |
| Linux | Linux | 0 < 6.13 | unaffected |
| Linux | Linux | 6.12.37 <= 6.12.* | unaffected |
| Linux | Linux | 6.15.3 <= 6.15.* | unaffected |
| Linux | Linux | 6.16 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/ea405fb4144985d5c60f49c2abd9ba47ea44fdb4
- https://git.kernel.org/stable/c/4f09940b5581e44069eb31a66cf7f05c3c35ed04
- https://git.kernel.org/stable/c/b5162bb6aa1ec04dff4509b025883524b6d7e7ca
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.