CVE-2025-38231
EUVD-2025-2002504.07.2025, 14:15
In the Linux kernel, the following vulnerability has been resolved: nfsd: Initialize ssc before laundromat_work to prevent NULL dereference In nfs4_state_start_net(), laundromat_work may access nfsd_ssc through nfs4_laundromat -> nfsd4_ssc_expire_umount. If nfsd_ssc isn't initialized, this can cause NULL pointer dereference. Normally the delayed start of laundromat_work allows sufficient time for nfsd_ssc initialization to complete. However, when the kernel waits too long for userspace responses (e.g. in nfs4_state_start_net -> nfsd4_end_grace -> nfsd4_record_grace_done -> nfsd4_cld_grace_done -> cld_pipe_upcall -> __cld_pipe_upcall -> wait_for_completion path), the delayed work may start before nfsd_ssc initialization finishes. Fix this by moving nfsd_ssc initialization before starting laundromat_work.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 5.10.220 ≤ 𝑥 < 5.10.239 |
| linux | linux_kernel | 5.14 ≤ 𝑥 < 5.15.186 |
| linux | linux_kernel | 5.16 ≤ 𝑥 < 6.1.142 |
| linux | linux_kernel | 6.2 ≤ 𝑥 < 6.6.95 |
| linux | linux_kernel | 6.7 ≤ 𝑥 < 6.12.35 |
| linux | linux_kernel | 6.13 ≤ 𝑥 < 6.15.4 |
| debian | debian_linux | 11.0 |
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| Siemens | SIMATIC S7-1500 CPU 1518-4 PN/DP MFP | V3.1.5 ≤ 𝑥 < * | ADP |
| Siemens | SIMATIC S7-1500 CPU 1518-4 PN/DP MFP | V3.1.5 ≤ 𝑥 < * | ADP |
| Siemens | SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP | V3.1.5 ≤ 𝑥 < * | ADP |
| Siemens | SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP | V3.1.5 ≤ 𝑥 < * | ADP |
| Siemens | SIPLUS S7-1500 CPU 1518-4 PN/DP MFP | V3.1.5 ≤ 𝑥 < * | ADP |
Debian Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| kernel-64kb |
| ||||||||||||||||
| kernel-azure |
| ||||||||||||||||
| kernel-default |
| ||||||||||||||||
| kernel-default-base |
| ||||||||||||||||
| kernel-default-extra |
| ||||||||||||||||
| kernel-obs-build |
| ||||||||||||||||
| kernel-source |
| ||||||||||||||||
| kernel-source-azure |
| ||||||||||||||||
| kernel-zfcpdump |
| ||||||||||||||||
| reiserfs-kmp-default |
|
Amazon Linux Releases
Amazon Package | |||
|---|---|---|---|
| bpftool |
| ||
| bpftool-debuginfo |
| ||
| kernel |
| ||
| kernel-debuginfo |
| ||
| kernel-debuginfo-common-aarch64 |
| ||
| kernel-debuginfo-common-x86_64 |
| ||
| kernel-devel |
| ||
| kernel-headers |
| ||
| kernel-libbpf |
| ||
| kernel-libbpf-debuginfo |
| ||
| kernel-libbpf-devel |
| ||
| kernel-libbpf-static |
| ||
| kernel-livepatch-6.1.144-170.251 |
| ||
| kernel-livepatch-6.12.35-55.103 |
| ||
| kernel-modules-extra |
| ||
| kernel-modules-extra-common |
| ||
| kernel-tools |
| ||
| kernel-tools-debuginfo |
| ||
| kernel-tools-devel |
| ||
| kernel6.12 |
| ||
| kernel6.12-debuginfo |
| ||
| kernel6.12-debuginfo-common-aarch64 |
| ||
| kernel6.12-debuginfo-common-x86_64 |
| ||
| kernel6.12-modules-extra |
| ||
| perf |
| ||
| perf-debuginfo |
| ||
| perf6.12 |
| ||
| perf6.12-debuginfo |
| ||
| python3-perf |
| ||
| python3-perf-debuginfo |
| ||
| python3-perf6.12 |
| ||
| python3-perf6.12-debuginfo |
|
Common Weakness Enumeration
References