5.5

CVE-2025-37844

cifs: avoid NULL pointer dereference in dbg call

In the Linux kernel, the following vulnerability has been resolved:

cifs: avoid NULL pointer dereference in dbg call

cifs_server_dbg() implies server to be non-NULL so
move call under condition to avoid NULL pointer dereference.

Found by Linux Verification Center (linuxtesting.org) with SVACE.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.6.7 < 5.10.237
LinuxLinux Kernel Version >= 5.11 < 5.15.181
LinuxLinux Kernel Version >= 5.16 < 6.1.135
LinuxLinux Kernel Version >= 6.2 < 6.6.88
LinuxLinux Kernel Version >= 6.7 < 6.12.24
LinuxLinux Kernel Version >= 6.13 < 6.13.12
LinuxLinux Kernel Version >= 6.14 < 6.14.3
DebianDebian Linux Version11.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.24% 0.152
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/ba3ce6c60cd5db258687dfeba9fc608f5e7cadf3
Patch
https://git.kernel.org/stable/c/9c9000cb91b986eb7f75835340c67857ab97c09b
Patch
https://git.kernel.org/stable/c/b2a1833e1c63e2585867ebeaf4dd41494dcede4b
Patch
https://git.kernel.org/stable/c/864ba5c651b03830f36f0906c21af05b15c1aaa6
Patch
https://git.kernel.org/stable/c/e0717385f5c51e290c2cd2ad4699a778316b5132
Patch
https://git.kernel.org/stable/c/20048e658652e731f5cadf4a695925e570ca0ff9
Patch
https://git.kernel.org/stable/c/6c14ee6af8f1f188b668afd6d003f7516a507b08
Patch
https://git.kernel.org/stable/c/b4885bd5935bb26f0a414ad55679a372e53f9b9b
Patch
https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html
Mailing List
https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html
Mailing List