Linux Kernel Vulnerability in SCSI Interface Affects Multiple Distributions
CVE-2025-38700

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
4 September 2025

What is CVE-2025-38700?

A vulnerability exists in the Linux kernel's SCSI subsystem, specifically in the initialization of iscsi_conn->dd_data. If a memory allocation for ib_fast_reg_mr fails during iSER setup, it leads to a system panic due to an uninitialized pointer dereference. This flaw occurs because iscsi_conn->dd_data is set regardless of memory allocation, resulting in potential crashes when terminating connections. The issue has been rectified by ensuring that iscsi_conn->dd_data is assigned only after a successful memory allocation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 5d91e209fb21fb9cc765729d4c6a85a9fb6c9187

Linux 5d91e209fb21fb9cc765729d4c6a85a9fb6c9187 < 9ea6d961566c7d762ed0204b06db05756fdda3b6

Linux 5d91e209fb21fb9cc765729d4c6a85a9fb6c9187

References

https://git.kernel.org/stable/c/f53af99f441ee79599d8df611...
https://git.kernel.org/stable/c/9ea6d961566c7d762ed0204b0...
https://git.kernel.org/stable/c/fd5aad080edb501ab5c84b762...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.