AZL-64722

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-64722.json

JSON Data

https://api.test.osv.dev/v1/vulns/AZL-64722

Upstream

CVE-2025-38231

Published

2025-07-04T14:15:32Z

Modified

2026-04-01T05:20:23.723402Z

Summary

CVE-2025-38231 affecting package kernel for versions less than 6.6.96.1-1

Details

In the Linux kernel, the following vulnerability has been resolved:

nfsd: Initialize ssc before laundromat_work to prevent NULL dereference

In nfs4statestartnet(), laundromatwork may access nfsdssc through nfs4laundromat -> nfsd4sscexpireumount. If nfsdssc isn't initialized, this can cause NULL pointer dereference.

Normally the delayed start of laundromatwork allows sufficient time for nfsdssc initialization to complete. However, when the kernel waits too long for userspace responses (e.g. in nfs4statestartnet -> nfsd4endgrace -> nfsd4recordgracedone -> nfsd4cldgracedone -> cldpipe_upcall -> _cldpipeupcall -> waitforcompletion path), the delayed work may start before nfsdssc initialization finishes.

Fix this by moving nfsdssc initialization before starting laundromatwork.

References

https://nvd.nist.gov/vuln/detail/CVE-2025-38231

Affected packages

Azure Linux:3 / kernel

Package

Name: kernel
Purl: pkg:rpm/azure-linux/kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.6.96.1-1

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-64722.json"