CVE-2025-38208 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: smb: client: add NULL check in automount_fullpath page is checked for null in __build_path_from_dentry_optional_prefix when tcon->origin_fullpath is not set. However, the check is missing when it is set. Add a check to prevent a potential NULL pointer dereference.

Reserved 2025-04-16 | Published 2025-07-04 | Updated 2025-07-04 | Assigner Linux

Product status

Default status

unaffected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 37166d63e42c34846a16001950ecec96229a8d17

affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before a9e916fa5c7d0ec2256aa44aa24ddd92f529ce35

affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before cce8e71ca1f7ad9045707f0d22490c1e9ed1df6c

affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before f1e7a277a1736e12cc4bd6d93b8a5c439b8ca20c

affected

Default status

affected

6.6.95

unaffected

6.12.35

unaffected

6.15.4

unaffected

6.16-rc1

unaffected

References

git.kernel.org/...c/37166d63e42c34846a16001950ecec96229a8d17

git.kernel.org/...c/a9e916fa5c7d0ec2256aa44aa24ddd92f529ce35

git.kernel.org/...c/cce8e71ca1f7ad9045707f0d22490c1e9ed1df6c

git.kernel.org/...c/f1e7a277a1736e12cc4bd6d93b8a5c439b8ca20c

cve.org (CVE-2025-38208)

nvd.nist.gov (CVE-2025-38208)

Download JSON