Description

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk Smatch detected a potential use-after-free of an ndlp oject in dev_loss_tmo_callbk during driver unload or fatal error handling. Fix by reordering code to avoid potential use-after-free if initial nodelist reference has been previously removed.

INFO

Published Date :

2025-07-10T07:42:05.645Z

Last Modified :

2025-07-28T04:17:38.334Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2025-38289 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-38289.

URL Resource
https://git.kernel.org/stable/c/4f09940b5581e44069eb31a66cf7f05c3c35ed04 cve-icon cve-icon
https://git.kernel.org/stable/c/b5162bb6aa1ec04dff4509b025883524b6d7e7ca cve-icon cve-icon
https://git.kernel.org/stable/c/ea405fb4144985d5c60f49c2abd9ba47ea44fdb4 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025071011-CVE-2025-38289-0d93@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-38289 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-38289 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact