5.5

CVE-2025-38092

ksmbd: use list_first_entry_or_null for opinfo_get_list()

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: use list_first_entry_or_null for opinfo_get_list()

The list_first_entry() macro never returns NULL.  If the list is
empty then it returns an invalid pointer.  Use list_first_entry_or_null()
to check if the list is empty.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 6.6.88 < 6.6.93
LinuxLinux Kernel Version >= 6.12.25 < 6.12.32
LinuxLinux Kernel Version >= 6.14.4 < 6.14.10
LinuxLinux Kernel Version6.15 Updaterc3
LinuxLinux Kernel Version6.15 Updaterc4
LinuxLinux Kernel Version6.15 Updaterc5
LinuxLinux Kernel Version6.15 Updaterc6
LinuxLinux Kernel Version6.15 Updaterc7
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.14% 0.034
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/c78abb646ff823e7d22faad4cc0703d4484da9e8
Patch
https://git.kernel.org/stable/c/334da674b25fdb7a1a4d4b89dcd7795144fc7e11
Patch
https://git.kernel.org/stable/c/cb7e06e9736d73007dc8dab7b353733bb37df86b
Patch
https://git.kernel.org/stable/c/10379171f346e6f61d30d9949500a8de4336444a
Patch