CVE-2025-38208

In the Linux kernel, the following vulnerability has been resolved: smb: client: add NULL check in automount_fullpath page is checked for null in __build_path_from_dentry_optional_prefix when tcon->origin_fullpath is not set. However, the check is missing when it is set. Add a check to prevent a potential NULL pointer dereference.

CVSS

No CVSS.

References

Link	Resource
https://git.kernel.org/stable/c/37166d63e42c34846a16001950ecec96229a8d17
https://git.kernel.org/stable/c/a9e916fa5c7d0ec2256aa44aa24ddd92f529ce35
https://git.kernel.org/stable/c/cce8e71ca1f7ad9045707f0d22490c1e9ed1df6c
https://git.kernel.org/stable/c/f1e7a277a1736e12cc4bd6d93b8a5c439b8ca20c

Configurations

No configuration.

History

08 Jul 2025, 16:18

Type	Values Removed	Values Added
Summary		(es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: smb: cliente: Se comprueba si la comprobación de añadir NULL en la página automount_fullpath contiene valores nulos en __build_path_from_dentry_optional_prefix cuando tcon->origin_fullpath no está configurado. Sin embargo, la comprobación no se encuentra disponible cuando sí lo está. Se ha añadido una comprobación para evitar una posible desreferencia de punteros NULL.

04 Jul 2025, 14:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-07-04 14:15

Updated : 2025-07-08 16:18

NVD link : CVE-2025-38208

Mitre link : CVE-2025-38208

CVE.ORG link : CVE-2025-38208

JSON object : View

Products Affected

No product.

CWE

No CWE.

JSON object

Attach tags to CVE-2025-38208

Attach tags to `CVE-2025-38208`