CVE-2025-38289
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-38289
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38289.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-38289
- Downstream
- Related
- Published
- 2025-07-10T08:15:27Z
- Modified
- 2025-08-09T20:01:25Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
scsi: lpfc: Avoid potential ndlp use-after-free in devlosstmo_callbk
Smatch detected a potential use-after-free of an ndlp oject in devlosstmo_callbk during driver unload or fatal error handling.
Fix by reordering code to avoid potential use-after-free if initial nodelist reference has been previously removed.
- References