CVE-2025-37844

MEDIUM EPSS 13.9%
Published May 9, 20251y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published May 9, 2025 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: cifs: avoid NULL pointer dereference in dbg call cifs_server_dbg() implies server to be non-NULL so move call under condition to avoid NULL pointer dereference. Found by Linux Verification Center (linuxtesting.org) with SVACE.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
13.9% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 8

VendorProductVersionRange
linuxlinux_kernel*≥5.6.7  –  <5.10.237
linuxlinux_kernel*≥5.11  –  <5.15.181
linuxlinux_kernel*≥5.16  –  <6.1.135
linuxlinux_kernel*≥6.2  –  <6.6.88
linuxlinux_kernel*≥6.7  –  <6.12.24
linuxlinux_kernel*≥6.13  –  <6.13.12
linuxlinux_kernel*≥6.14  –  <6.14.3
debiandebian_linux11.0any

References 10

  • git.kernel.org https://git.kernel.org/stable/c/20048e658652e731f5cadf4a695925e570ca0ff9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6c14ee6af8f1f188b668afd6d003f7516a507b08
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/864ba5c651b03830f36f0906c21af05b15c1aaa6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9c9000cb91b986eb7f75835340c67857ab97c09b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b2a1833e1c63e2585867ebeaf4dd41494dcede4b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b4885bd5935bb26f0a414ad55679a372e53f9b9b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ba3ce6c60cd5db258687dfeba9fc608f5e7cadf3
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e0717385f5c51e290c2cd2ad4699a778316b5132
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html
    Mailing List
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html
    Mailing List

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/20048e658652e731f5cadf4a695925e570ca0ff9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6c14ee6af8f1f188b668afd6d003f7516a507b08
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/864ba5c651b03830f36f0906c21af05b15c1aaa6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9c9000cb91b986eb7f75835340c67857ab97c09b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b2a1833e1c63e2585867ebeaf4dd41494dcede4b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b4885bd5935bb26f0a414ad55679a372e53f9b9b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ba3ce6c60cd5db258687dfeba9fc608f5e7cadf3
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e0717385f5c51e290c2cd2ad4699a778316b5132
    Patch