CVE-2025-38035 — NULL Pointer Dereference in Linux
Severity
5.5MEDIUMNVD
OSV3.2
EPSS
0.1%
top 69.23%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJun 18
Latest updateMar 25
Description
In the Linux kernel, the following vulnerability has been resolved:
nvmet-tcp: don't restore null sk_state_change
queue->state_change is set as part of nvmet_tcp_set_queue_sock(), but if
the TCP connection isn't established when nvmet_tcp_set_queue_sock() is
called then queue->state_change isn't set and sock->sk->sk_state_change
isn't replaced.
As such we don't need to restore sock->sk->sk_state_change if
queue->state_change is NULL.
This avoids NULL pointer dereferences such as this:
[ 286…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6
Affected Packages4 packages
▶CVEListV5linux/linux872d26a391da92ed8f0c0f5cb5fef428067b7f30 — 6265538446e2426f4bf3b57e91d7680b2047ddd9+8
Also affects: Debian Linux 11.0