Uninitialized Pointer Dereference in Linux Kernel Affecting pNFS Functionality
CVE-2025-38691
What is CVE-2025-38691?
The Linux kernel's pNFS block/SCSI layout driver (fs/nfs/blocklayout) encodes a file's written extents into a LAYOUTCOMMIT request. ext_tree_prepare_commit() first tries to encode into a single page; if the extents do not fit, it calls ext_tree_free_commitdata() to release the buffer, allocates a larger one, and retries. The 'layoutupdate_pages' page array that backs the larger buffer is populated only after the retry loop succeeds, yet ext_tree_free_commitdata() runs on every failed attempt and calls put_page() on each slot of that array. If the second, larger buffer is also too small, the cleanup that precedes the third attempt therefore dereferences page pointers that were never initialized, producing a kernel oops on the NFS client. Files with many extents are the likely trigger: the buffer chosen for the second attempt may still fall short, and a layout commit carrying that many extents can also exceed the maximum RPC size the server accepts.
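The retry loop described above, modelled in user-space C as an added example (this is not kernel code and not the upstream patch). The model assumes what the description states: the cleanup routine walks every slot of the page array, the array is allocated zeroed (as kcalloc() does) and is populated only after a successful encode, so the cleanup before a third attempt hands NULL to put_page(). Here put_page() counts a NULL argument instead of crashing, so the defect shows up as a return value. The `need[]` input, the `fixed` switch and the remedy it selects (populating the array immediately after allocation, before retrying) are constructed for illustration and are not claimed to be the exact upstream change.

```c
/*
 * User-space model of the retry loop in ext_tree_prepare_commit()
 * (fs/nfs/blocklayout/extent_tree.c). Added example, not kernel code.
 * "Pages" are plain structs, calloc() stands in for kcalloc()/__vmalloc(),
 * and put_page() counts a NULL argument where the kernel would oops.
 */
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#ifndef PAGE_SIZE
#define PAGE_SIZE 4096u
#endif
#define DIV_ROUND_UP(n, d) (((n) + (d) - 1) / (d))

struct page { int refcount; };

struct commit_args {
    struct page   inline_page;         /* arg->layoutupdate_page: single page tried first */
    struct page **layoutupdate_pages;  /* arg->layoutupdate_pages: array walked by cleanup */
    struct page  *backing;             /* pages behind the larger buffer (vmalloc area) */
    size_t        nr_backing;
    size_t        buffer_size;
    int           null_puts;           /* instrumentation: put_page(NULL) would oops */
};

static void put_page(struct commit_args *arg, struct page *p)
{
    if (!p) { arg->null_puts++; return; }   /* kernel: NULL pointer dereference here */
    p->refcount--;
}

/* Mirrors ext_tree_free_commitdata(): drops every slot of the page array. */
static void free_commitdata(struct commit_args *arg)
{
    if (arg->layoutupdate_pages != &arg->inline_page) {
        size_t nr = DIV_ROUND_UP(arg->buffer_size, PAGE_SIZE);
        for (size_t i = 0; i < nr; i++)
            put_page(arg, arg->layoutupdate_pages[i]);
        free(arg->backing);                 /* vfree(arg->start_p) */
        free(arg->layoutupdate_pages);      /* kfree(arg->layoutupdate_pages) */
    } else {
        put_page(arg, &arg->inline_page);
    }
    arg->layoutupdate_pages = NULL;
    arg->backing = NULL;
}

/* Population step (vmalloc_to_page() + get_page() per page). In the original
 * code this runs only after the retry loop has succeeded. */
static void populate_pages(struct commit_args *arg)
{
    for (size_t i = 0; i < arg->nr_backing; i++) {
        arg->backing[i].refcount = 1;
        arg->layoutupdate_pages[i] = &arg->backing[i];
        arg->backing[i].refcount++;         /* get_page() */
    }
}

/* need[i]: constructed buffer size the i-th encode attempt requires (an extent
 * tree that keeps growing between attempts). Returns 0 on success, -1 on
 * allocation failure, -2 when the constructed attempts run out. fixed == 0
 * reproduces the bug (populate after success); fixed != 0 populates right
 * after allocation so every slot is valid before the next cleanup. */
static int prepare_commit(struct commit_args *arg, const size_t *need,
                          size_t attempts, int fixed)
{
    size_t attempt = 0;

    memset(arg, 0, sizeof(*arg));
    arg->inline_page.refcount = 1;
    arg->layoutupdate_pages = &arg->inline_page;
    arg->buffer_size = PAGE_SIZE;

retry:
    if (attempt >= attempts)
        return -2;
    if (need[attempt++] > arg->buffer_size) {
        free_commitdata(arg);              /* runs on every failed attempt */
        arg->buffer_size = need[attempt - 1];
        arg->nr_backing = DIV_ROUND_UP(arg->buffer_size, PAGE_SIZE);
        arg->layoutupdate_pages = calloc(arg->nr_backing, sizeof(struct page *));
        arg->backing = calloc(arg->nr_backing, sizeof(struct page));
        if (!arg->layoutupdate_pages || !arg->backing) {
            free(arg->layoutupdate_pages);
            free(arg->backing);
            arg->layoutupdate_pages = NULL;
            arg->backing = NULL;
            return -1;
        }
        if (fixed)
            populate_pages(arg);
        goto retry;
    }
    if (!fixed && arg->layoutupdate_pages != &arg->inline_page)
        populate_pages(arg);               /* original placement: after the loop */
    return 0;
}

/* Runs one scenario and returns the number of put_page(NULL) calls, or <0 on error. */
int count_null_puts(const size_t *need, size_t attempts, int fixed)
{
    struct commit_args arg;
    int ret = prepare_commit(&arg, need, attempts, fixed);
    if (ret == 0) {
        free_commitdata(&arg);             /* normal teardown after the LAYOUTCOMMIT */
    } else if (arg.layoutupdate_pages != &arg.inline_page) {
        free(arg.layoutupdate_pages);
        free(arg.backing);
    }
    return ret < 0 ? ret : arg.null_puts;
}

int main(void)
{
    const size_t two[]   = { 2 * PAGE_SIZE, 2 * PAGE_SIZE };                 /* fits on 2nd try */
    const size_t three[] = { 2 * PAGE_SIZE, 3 * PAGE_SIZE, 3 * PAGE_SIZE };  /* needs a 3rd try */
    printf("two attempts,   original: %d NULL put_page() calls\n", count_null_puts(two, 2, 0));
    printf("three attempts, original: %d NULL put_page() calls\n", count_null_puts(three, 3, 0));
    printf("three attempts, fixed:    %d NULL put_page() calls\n", count_null_puts(three, 3, 1));
    return 0;
}
```

The two-attempt scenario is clean in both variants, which is why the bug needs a second undersized buffer: only the cleanup before the third attempt walks an array that was allocated but never filled.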
Affected Version(s)
The entries below are git commit ranges in the CVE record's notation: every kernel from the initial git import 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (Linux 2.6.12-rc2) up to, but not including, the listed fix commit on that branch. A tree that does not contain the fix commit for its branch is affected.
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 579b85f893d9885162e1cabf99a4a088916e143e
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 2896f101110076ac6bf99d7aaf463d61e26f89dd
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 4f783333cbfa2ee7d4aa8e47f6bd1b3f77534fcf