CVE-2025-38289

Source
https://nvd.nist.gov/vuln/detail/CVE-2025-38289
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38289.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-38289
Downstream
Related
Published
2025-07-10T07:42:05Z
Modified
2025-10-18T01:57:39.175278Z
Summary
scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk
Details

In the Linux kernel, the following vulnerability has been resolved:

scsi: lpfc: Avoid potential ndlp use-after-free in devlosstmo_callbk

Smatch detected a potential use-after-free of an ndlp oject in devlosstmo_callbk during driver unload or fatal error handling.

Fix by reordering code to avoid potential use-after-free if initial nodelist reference has been previously removed.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
e4913d4bc59227fbdfe6b8f5541f49aaea1cb41c
Fixed
ea405fb4144985d5c60f49c2abd9ba47ea44fdb4
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
4281f44ea8bfedd25938a0031bebba1473ece9ad
Fixed
4f09940b5581e44069eb31a66cf7f05c3c35ed04
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
4281f44ea8bfedd25938a0031bebba1473ece9ad
Fixed
b5162bb6aa1ec04dff4509b025883524b6d7e7ca

Affected versions

v6.*

v6.12
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.12-rc6
v6.12-rc7
v6.12.10
v6.12.11
v6.12.12
v6.12.13
v6.12.14
v6.12.15
v6.12.16
v6.12.17
v6.12.18
v6.12.19
v6.12.20
v6.12.21
v6.12.22
v6.12.23
v6.12.24
v6.12.25
v6.12.26
v6.12.27
v6.12.28
v6.12.29
v6.12.30
v6.12.31
v6.12.32
v6.12.33
v6.12.34
v6.12.35
v6.12.36
v6.12.5
v6.12.6
v6.12.7
v6.12.8
v6.12.9
v6.13
v6.13-rc1
v6.13-rc2
v6.13-rc3
v6.13-rc4
v6.13-rc5
v6.13-rc6
v6.13-rc7
v6.14
v6.14-rc1
v6.14-rc2
v6.14-rc3
v6.14-rc4
v6.14-rc5
v6.14-rc6
v6.14-rc7
v6.15
v6.15-rc1
v6.15-rc2
v6.15-rc3
v6.15-rc4
v6.15-rc5
v6.15-rc6
v6.15-rc7
v6.15.1
v6.15.2

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.12.37
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.15.3