Crash in Linux Kernel SCSI Driver for FNIC During FDMI Timeouts
CVE-2025-38238

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 9 July 2025

What is CVE-2025-38238?

A vulnerability exists in the SCSI driver for FNIC in the Linux kernel, where, under certain conditions, both RHBA and RPA FDMI requests may time out. This results in the driver attempting to reuse a frame for sending ABTS commands, leading to a crash due to double-free attempts. The issue has been addressed by ensuring that separate frames are allocated for the respective requests, thereby eliminating the crash scenario during timeout handling. Extensive testing was conducted to simulate various FDMI response drops, verifying the stability of the updated logic.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch