We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2025-38289

scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk



Description

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk Smatch detected a potential use-after-free of an ndlp oject in dev_loss_tmo_callbk during driver unload or fatal error handling. Fix by reordering code to avoid potential use-after-free if initial nodelist reference has been previously removed.

Reserved 2025-04-16 | Published 2025-07-10 | Updated 2025-07-10 | Assigner Linux

Product status

Default status
unaffected

e4913d4bc59227fbdfe6b8f5541f49aaea1cb41c before ea405fb4144985d5c60f49c2abd9ba47ea44fdb4
affected

4281f44ea8bfedd25938a0031bebba1473ece9ad before 4f09940b5581e44069eb31a66cf7f05c3c35ed04
affected

4281f44ea8bfedd25938a0031bebba1473ece9ad before b5162bb6aa1ec04dff4509b025883524b6d7e7ca
affected

Default status
affected

6.13
affected

Any version before 6.13
unaffected

6.12.37
unaffected

6.15.3
unaffected

6.16-rc1
unaffected

References

git.kernel.org/...c/ea405fb4144985d5c60f49c2abd9ba47ea44fdb4

git.kernel.org/...c/4f09940b5581e44069eb31a66cf7f05c3c35ed04

git.kernel.org/...c/b5162bb6aa1ec04dff4509b025883524b6d7e7ca

cve.org (CVE-2025-38289)

nvd.nist.gov (CVE-2025-38289)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2025-38289

Support options

Helpdesk Chat, Email, Knowledgebase
© Copyright 2025 THREATINT
Made in Cyprus with +
 System status
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
Error loading Crisp.chat. Please check your web content filter and browser plugins.