CVE-2025-38092

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2025-38092
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38092.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-38092
Downstream
Published
2025-07-02T14:43:30Z
Modified
2025-10-10T12:15:16.673174Z
Summary
ksmbd: use list_first_entry_or_null for opinfo_get_list()
Details

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: use listfirstentryornull for opinfogetlist()

The listfirstentry() macro never returns NULL. If the list is empty then it returns an invalid pointer. Use listfirstentryornull() to check if the list is empty.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
296cb5457cc6f4a754c4ae29855f8a253d52bcc6
Fixed
c78abb646ff823e7d22faad4cc0703d4484da9e8
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
d54ab1520d43e95f9b2e22d7a05fc9614192e5a5
Fixed
334da674b25fdb7a1a4d4b89dcd7795144fc7e11
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
d73686367ad68534257cd88a36ca3c52cb8b81d8
Fixed
cb7e06e9736d73007dc8dab7b353733bb37df86b
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
18b4fac5ef17f77fed9417d22210ceafd6525fc7
Fixed
10379171f346e6f61d30d9949500a8de4336444a

Affected versions

v6.*

v6.12.25
v6.12.26
v6.12.27
v6.12.28
v6.12.29
v6.12.30
v6.12.31
v6.14.4
v6.14.5
v6.14.6
v6.14.7
v6.14.8
v6.14.9
v6.15-rc3
v6.15-rc4
v6.15-rc5
v6.15-rc6
v6.15-rc7
v6.6.88
v6.6.89
v6.6.90
v6.6.91
v6.6.92

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.6.88
Fixed
6.6.93
Type
ECOSYSTEM
Events
Introduced
6.12.25
Fixed
6.12.32
Type
ECOSYSTEM
Events
Introduced
6.14.4
Fixed
6.14.10