CVE-2025-38695
Published: Sep 4, 2025
Modified: May 12, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure If a call to lpfc_sli4_read_rev() from lpfc_sli4_hba_setup() fails, the resultant cleanup routine lpfc_sli4_vport_delete_fcp_xri_aborted() may occur before sli4_hba.hdwqs are allocated. This may result in a null pointer dereference when attempting to take the abts_io_buf_list_lock for the first hardware queue. Fix by adding a null ptr check on phba->sli4_hba.hdwq and early return because this situation means there must have been an error during port initialization.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 5e5b511d8bfaf765cb92a695cda336c936cb86dc - < 6711ce7e9de4eb1a541ef30638df1294ea4267f8affected 5e5b511d8bfaf765cb92a695cda336c936cb86dc - < 74bdf54a847dab209d2a8f65852f59b7fa156175affected 5e5b511d8bfaf765cb92a695cda336c936cb86dc - < 5e25ee1ecec91c61a8acf938ad338399cad464deaffected 5e5b511d8bfaf765cb92a695cda336c936cb86dc - < add68606a01dcccf18837a53e85b85caf0693b4baffected 5e5b511d8bfaf765cb92a695cda336c936cb86dc - < 7925dd68807cc8fd755b04ca99e7e6f1c04392e8+4 more versions |
Linux | Linux | affected 5.1unaffected 0 - < 5.1unaffected 5.4.297 - <= 5.4.*unaffected 5.10.241 - <= 5.10.*unaffected 5.15.190 - <= 5.15.*+6 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now