CVE-2025-40010

Summary

In the Linux kernel, the following vulnerability has been resolved:

afs: Fix potential null pointer dereference in afs_put_server

afs_put_server() accessed server->debug_id before the NULL check, which could lead to a null pointer dereference. Move the debug_id assignment, ensuring we never dereference a NULL server pointer.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux2757a4dc184997c66ef1de32636f73b9f21aac14 < 7b8381f3c405b864a814d747e526e078c3ef4bc2affected
LinuxLinux2757a4dc184997c66ef1de32636f73b9f21aac14 < cab278cead49a547ac84c3e185f446f381303eaeaffected
LinuxLinux2757a4dc184997c66ef1de32636f73b9f21aac14 < a13dbc5e20c7284b82afe6f08debdecf51d2ca04affected
LinuxLinux2757a4dc184997c66ef1de32636f73b9f21aac14 < 41782c44bb8431c43043129ae42f2ba614938479affected
LinuxLinux2757a4dc184997c66ef1de32636f73b9f21aac14 < 9158c6bb245113d4966df9b2ba602197a379412eaffected
LinuxLinux6.0affected
LinuxLinux0 < 6.0unaffected
LinuxLinux6.1.155 <= 6.1.*unaffected
LinuxLinux6.6.109 <= 6.6.*unaffected
LinuxLinux6.12.50 <= 6.12.*unaffected
LinuxLinux6.16.10 <= 6.16.*unaffected
LinuxLinux6.17 <= *unaffected

Weaknesses

References