CVE-2025-38737 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved:

cifs: Fix oops due to uninitialised variable

Fix smb3_init_transform_rq() to initialise buffer to NULL before calling
netfs_alloc_folioq_buffer() as netfs assumes it can append to the buffer it
is given. Setting it to NULL means it should start a fresh buffer, but the
value is currently undefined.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/453a6d2a68e54a483d67233c6e1e24c4095ee4be
https://git.kernel.org/stable/c/4931fe2dbe1cc0e7d350a4b51b0b330e43971d98
https://git.kernel.org/stable/c/6adaa9fae36f848afa7278945d725e197e33c496

History

Fri, 05 Sep 2025 17:30:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: cifs: Fix oops due to uninitialised variable Fix smb3_init_transform_rq() to initialise buffer to NULL before calling netfs_alloc_folioq_buffer() as netfs assumes it can append to the buffer it is given. Setting it to NULL means it should start a fresh buffer, but the value is currently undefined.
Title		cifs: Fix oops due to uninitialised variable
References		https://git.kernel.org/stable/c/453a6d2a68e54a483d67233c6e1e24c4095ee4be https://git.kernel.org/stable/c/4931fe2dbe1cc0e7d350a4b51b0b330e43971d98 https://git.kernel.org/stable/c/6adaa9fae36f848afa7278945d725e197e33c496

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-09-05T17:20:37.719Z

Updated: 2025-09-05T17:20:37.719Z

Reserved: 2025-04-16T04:51:24.034Z

Link: CVE-2025-38737

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-09-05T18:15:43.090

Modified: 2025-09-05T18:15:43.090

Link: CVE-2025-38737

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-38737", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-04-16T04:51:24.034Z", "datePublished": "2025-09-05T17:20:37.719Z", "dateUpdated": "2025-09-05T17:20:37.719Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-09-05T17:20:37.719Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix oops due to uninitialised variable\n\nFix smb3_init_transform_rq() to initialise buffer to NULL before calling\nnetfs_alloc_folioq_buffer() as netfs assumes it can append to the buffer it\nis given. Setting it to NULL means it should start a fresh buffer, but the\nvalue is currently undefined."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/smb/client/smb2ops.c"], "versions": [{"version": "a2906d3316fc19bf0ade84618bb73eab604c447e", "lessThan": "4931fe2dbe1cc0e7d350a4b51b0b330e43971d98", "status": "affected", "versionType": "git"}, {"version": "a2906d3316fc19bf0ade84618bb73eab604c447e", "lessThan": "6adaa9fae36f848afa7278945d725e197e33c496", "status": "affected", "versionType": "git"}, {"version": "a2906d3316fc19bf0ade84618bb73eab604c447e", "lessThan": "453a6d2a68e54a483d67233c6e1e24c4095ee4be", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/smb/client/smb2ops.c"], "versions": [{"version": "6.12", "status": "affected"}, {"version": "0", "lessThan": "6.12", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.44", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.16.4", "lessThanOrEqual": "6.16.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.17-rc3", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.12", "versionEndExcluding": "6.12.44"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.12", "versionEndExcluding": "6.16.4"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.12", "versionEndExcluding": "6.17-rc3"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/4931fe2dbe1cc0e7d350a4b51b0b330e43971d98"}, {"url": "https://git.kernel.org/stable/c/6adaa9fae36f848afa7278945d725e197e33c496"}, {"url": "https://git.kernel.org/stable/c/453a6d2a68e54a483d67233c6e1e24c4095ee4be"}], "title": "cifs: Fix oops due to uninitialised variable", "x_generator": {"engine": "bippy-1.2.0"}}}}