CVE-2025-38737
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
cifs: Fix oops due to uninitialised variable
Fix smb3_init_transform_rq() to initialise buffer to NULL before calling netfs_alloc_folioq_buffer() as netfs assumes it can append to the buffer it is given. Setting it to NULL means it should start a fresh buffer, but the value is currently undefined.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | a2906d3316fc19bf0ade84618bb73eab604c447e < 4931fe2dbe1cc0e7d350a4b51b0b330e43971d98 | affected |
| Linux | Linux | a2906d3316fc19bf0ade84618bb73eab604c447e < 6adaa9fae36f848afa7278945d725e197e33c496 | affected |
| Linux | Linux | a2906d3316fc19bf0ade84618bb73eab604c447e < 453a6d2a68e54a483d67233c6e1e24c4095ee4be | affected |
| Linux | Linux | 6.12 | affected |
| Linux | Linux | 0 < 6.12 | unaffected |
| Linux | Linux | 6.12.44 <= 6.12.* | unaffected |
| Linux | Linux | 6.16.4 <= 6.16.* | unaffected |
| Linux | Linux | 6.17 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/4931fe2dbe1cc0e7d350a4b51b0b330e43971d98
- https://git.kernel.org/stable/c/6adaa9fae36f848afa7278945d725e197e33c496
- https://git.kernel.org/stable/c/453a6d2a68e54a483d67233c6e1e24c4095ee4be
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.