CVE-2025-39838

Summary

In the Linux kernel, the following vulnerability has been resolved:

cifs: prevent NULL pointer dereference in UTF16 conversion

There can be a NULL pointer dereference bug here. NULL is passed to __cifs_sfu_make_node without checks, which passes it unchecked to cifs_strndup_to_utf16, which in turn passes it to cifs_local_to_utf16_bytes where '*from' is dereferenced, causing a crash.

This patch adds a check for NULL 'src' in cifs_strndup_to_utf16 and returns NULL early to prevent dereferencing NULL pointer.

Found by Linux Verification Center (linuxtesting.org) with SVACE

Affected Software

VendorProductVersion RangeStatus
LinuxLinux41d3f256c6a5e41eb32b87168399c0facd512dc0 < 1f797f062b5cf13a1c2bcc23285361baaa7c9260affected
LinuxLinux41d3f256c6a5e41eb32b87168399c0facd512dc0 < 3c26a8d30ed6b53a52a023ec537dc50a6d34a67aaffected
LinuxLinux41d3f256c6a5e41eb32b87168399c0facd512dc0 < 70bccd9855dae56942f2b18a08ba137bb54093a0affected
LinuxLinux6.12affected
LinuxLinux0 < 6.12unaffected
LinuxLinux6.12.46 <= 6.12.*unaffected
LinuxLinux6.16.6 <= 6.16.*unaffected
LinuxLinux6.17 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

Additional References

References