CVE-2025-38442NULL Pointer Dereference in Linux

CWE-476NULL Pointer Dereference5 documents5 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 90.56%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedJul 25

Description

In the Linux kernel, the following vulnerability has been resolved: block: reject bs > ps block devices when THP is disabled If THP is disabled and when a block device with logical block size > page size is present, the following null ptr deref panic happens during boot: [ [13.2 mK AOSAN: null-ptr-deref in range [0x0000000000000000-0x0000000000K0 0 0[07] [ 13.017749] RIP: 0010:create_empty_buffers+0x3b/0x380 [ 13.025448] Call Trace: [ 13.025692] [ 13.025895] block_read_full_folio+0x610/0x780

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

NVDlinux/linux_kernel6.156.15.7+1
CVEListV5linux/linux47dd67532303803a87f43195e088b3b4bcf0454db025d81b96bfe8a62b6e3e6ac776608206ccbf6d+2
debiandebian/linux

Patches

Patch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
GHSA
GHSA-p7jf-wq44-hqq3: In the Linux kernel, the following vulnerability has been resolved: block: reject bs > ps block devices when THP is disabled If THP is disabled and2025-07-25
OSV
CVE-2025-38442: In the Linux kernel, the following vulnerability has been resolved: block: reject bs > ps block devices when THP is disabled If THP is disabled and wh2025-07-25

📋Vendor Advisories

2
Red Hat
kernel: block: reject bs > ps block devices when THP is disabled2025-07-25
Debian
CVE-2025-38442: linux - In the Linux kernel, the following vulnerability has been resolved: block: reje...2025
CVE-2025-38442 — NULL Pointer Dereference in Linux | cvebase