NULL Pointer Dereference Vulnerability in Linux Kernel Bcache Functionality
CVE-2025-38263

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 9 July 2025

What is CVE-2025-38263?

A vulnerability exists in the Linux kernel's bcache subsystem, where a NULL pointer dereference can occur during the execution of caching functions. This issue arises when certain memory allocations fail, leading to an unregistered cache set and potentially crashing the system. The problem surfaces when the kernel attempts to flush cache sets without proper checks on allocated structures, resulting in crashes and unpredictable behavior. Proper coding practices and validation checks are essential to mitigate this vulnerability and ensure system stability.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 553f560e0a74a7008ad9dba05c3fd05da296befb

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 667c3f52373ff5354cb3543e27237eb7df7b2333

References

https://git.kernel.org/stable/c/c4f5e7e417034b05f5d2f5fa9...

https://git.kernel.org/stable/c/553f560e0a74a7008ad9dba05...

https://git.kernel.org/stable/c/667c3f52373ff5354cb3543e2...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 9, 2025
Vulnerability Reserved
Apr 16, 2025