DEBIAN-CVE-2025-38716
- Source
- https://security-tracker.debian.org/tracker/CVE-2025-38716
- Import Source
- https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2025-38716.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2025-38716
- Upstream
- Published
- 2025-09-04T16:15:41Z
- Modified
- 2025-09-25T02:29:11.877707Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved: hfs: fix general protection fault in hfsfindinit() The hfsfindinit() method can trigger the crash if tree pointer is NULL: [ 45.746290][ T9787] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000008: 0000 [#1] SMP KAI [ 45.747287][ T9787] KASAN: null-ptr-deref in range [0x0000000000000040-0x0000000000000047] [ 45.748716][ T9787] CPU: 2 UID: 0 PID: 9787 Comm: repro Not tainted 6.16.0-rc3 #10 PREEMPT(full) [ 45.750250][ T9787] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 45.751983][ T9787] RIP: 0010:hfsfindinit+0x86/0x230 [ 45.752834][ T9787] Code: c1 ea 03 80 3c 02 00 0f 85 9a 01 00 00 4c 8d 6b 40 48 c7 45 18 00 00 00 00 48 b8 00 00 00 00 00 fc [ 45.755574][ T9787] RSP: 0018:ffffc90015157668 EFLAGS: 00010202 [ 45.756432][ T9787] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffff819a4d09 [ 45.757457][ T9787] RDX: 0000000000000008 RSI: ffffffff819acd3a RDI: ffffc900151576e8 [ 45.758282][ T9787] RBP: ffffc900151576d0 R08: 0000000000000005 R09: 0000000000000000 [ 45.758943][ T9787] R10: 0000000080000000 R11: 0000000000000001 R12: 0000000000000004 [ 45.759619][ T9787] R13: 0000000000000040 R14: ffff88802c50814a R15: 0000000000000000 [ 45.760293][ T9787] FS: 00007ffb72734540(0000) GS:ffff8880cec64000(0000) knlGS:0000000000000000 [ 45.761050][ T9787] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 45.761606][ T9787] CR2: 00007f9bd8225000 CR3: 000000010979a000 CR4: 00000000000006f0 [ 45.762286][ T9787] Call Trace: [ 45.762570][ T9787] <TASK> [ 45.762824][ T9787] hfsextreadextent+0x190/0x9d0 [ 45.763269][ T9787] ? submitbionoacctnocheck+0x2dd/0xce0 [ 45.763766][ T9787] ? pfxhfsextreadextent+0x10/0x10 [ 45.764250][ T9787] hfsgetblock+0x55f/0x830 [ 45.764646][ T9787] blockreadfullfolio+0x36d/0x850 [ 45.765105][ T9787] ? _pfxhfsgetblock+0x10/0x10 [ 45.765541][ T9787] ? constfolioflags+0x5b/0x100 [ 45.765972][ T9787] ? _pfxhfsreadfolio+0x10/0x10 [ 45.766415][ T9787] filemapreadfolio+0xbe/0x290 [ 45.766840][ T9787] ? _pfxfilemapreadfolio+0x10/0x10 [ 45.767325][ T9787] ? _filemapgetfolio+0x32b/0xbf0 [ 45.767780][ T9787] doreadcachefolio+0x263/0x5c0 [ 45.768223][ T9787] ? _pfxhfsreadfolio+0x10/0x10 [ 45.768666][ T9787] readcachepage+0x5b/0x160 [ 45.769070][ T9787] hfsbtreeopen+0x491/0x1740 [ 45.769481][ T9787] hfsmdbget+0x15e2/0x1fb0 [ 45.769877][ T9787] ? _pfxhfsmdbget+0x10/0x10 [ 45.770316][ T9787] ? findheldlock+0x2b/0x80 [ 45.770731][ T9787] ? lockdepinitmaptype+0x5c/0x280 [ 45.771200][ T9787] ? lockdepinitmaptype+0x5c/0x280 [ 45.771674][ T9787] hfsfillsuper+0x38e/0x720 [ 45.772092][ T9787] ? _pfxhfsfillsuper+0x10/0x10 [ 45.772549][ T9787] ? snprintf+0xbe/0x100 [ 45.772931][ T9787] ? _pfxsnprintf+0x10/0x10 [ 45.773350][ T9787] ? dorawspinlock+0x129/0x2b0 [ 45.773796][ T9787] ? findheldlock+0x2b/0x80 [ 45.774215][ T9787] ? setblocksize+0x40a/0x510 [ 45.774636][ T9787] ? sbsetblocksize+0x176/0x1d0 [ 45.775087][ T9787] ? setupbdevsuper+0x369/0x730 [ 45.775533][ T9787] gettreebdevflags+0x384/0x620 [ 45.775985][ T9787] ? _pfxhfsfillsuper+0x10/0x10 [ 45.776453][ T9787] ? _pfxgettreebdevflags+0x10/0x10 [ 45.776950][ T9787] ? bpflsmcapable+0x9/0x10 [ 45.777365][ T9787] ? securitycapable+0x80/0x260 [ 45.777803][ T9787] vfsgettree+0x8e/0x340 [ 45.778203][ T9787] pathmount+0x13de/0x2010 [ 45.778604][ T9787] ? kmemcachefree+0x2b0/0x4c0 [ 45.779052][ T9787] ? _pfxpathmount+0x10/0x10 [ 45.779480][ T9787] ? getnameflags.part.0+0x1c5/0x550 [ 45.779954][ T9787] ? putname+0x154/0x1a0 [ 45.780335][ T9787] _x64sysmount+0x27b/0x300 [ 45.780758][ T9787] ? _pfxx64sysmount+0x10/0x10 [ 45.781232][ T9787] ---truncated---
- References
Affected packages
Debian:11 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
5.*
6.*
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
6.*
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.16.3-1