CVE-2025-38231 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: nfsd: Initialize ssc before laundromat_work to prevent NULL dereference In nfs4_state_start_net(), laundromat_work may access nfsd_ssc through nfs4_laundromat -> nfsd4_ssc_expire_umount. If nfsd_ssc isn't initialized, this can cause NULL pointer dereference. Normally the delayed start of laundromat_work allows sufficient time for nfsd_ssc initialization to complete. However, when the kernel waits too long for userspace responses (e.g. in nfs4_state_start_net -> nfsd4_end_grace -> nfsd4_record_grace_done -> nfsd4_cld_grace_done -> cld_pipe_upcall -> __cld_pipe_upcall -> wait_for_completion path), the delayed work may start before nfsd_ssc initialization finishes. Fix this by moving nfsd_ssc initialization before starting laundromat_work.

Reserved 2025-04-16 | Published 2025-07-04 | Updated 2025-07-04 | Assigner Linux

Product status

Default status

unaffected

a4bc287943f5695209ff36bdc89f17b48d68fae7 before deaeb74ae9318252829c59a84a7d2316fc335660

affected

f4e44b393389c77958f7c58bf4415032b4cda15b before 0fccf5f01ed28725cc313a66ca1247eef911d55e

affected

f4e44b393389c77958f7c58bf4415032b4cda15b before a97668ec6d73dab237cd1c15efe012a10090a4ed

affected

f4e44b393389c77958f7c58bf4415032b4cda15b before 5060e1a5fef184bd11d298e3f0ee920d96a23236

affected

f4e44b393389c77958f7c58bf4415032b4cda15b before d622c2ee6c08147ab8c9b9e37d93b6e95d3258e0

affected

f4e44b393389c77958f7c58bf4415032b4cda15b before 83ac1ba8ca102ab5c0ed4351f8ac6e74ac4d5d64

affected

f4e44b393389c77958f7c58bf4415032b4cda15b before b31da62889e6d610114d81dc7a6edbcaa503fcf8

affected

Default status

affected

5.14

affected

Any version before 5.14

unaffected

5.10.239

unaffected

5.15.186

unaffected

6.1.142

unaffected

6.6.95

unaffected

6.12.35

unaffected

6.15.4

unaffected

6.16-rc1

unaffected

References

git.kernel.org/...c/deaeb74ae9318252829c59a84a7d2316fc335660

git.kernel.org/...c/0fccf5f01ed28725cc313a66ca1247eef911d55e

git.kernel.org/...c/a97668ec6d73dab237cd1c15efe012a10090a4ed

git.kernel.org/...c/5060e1a5fef184bd11d298e3f0ee920d96a23236

git.kernel.org/...c/d622c2ee6c08147ab8c9b9e37d93b6e95d3258e0

git.kernel.org/...c/83ac1ba8ca102ab5c0ed4351f8ac6e74ac4d5d64

git.kernel.org/...c/b31da62889e6d610114d81dc7a6edbcaa503fcf8

cve.org (CVE-2025-38231)

nvd.nist.gov (CVE-2025-38231)

Download JSON