Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2025-39676

Опубликовано: 05 сент. 2025
Источник: redhat
CVSS3: 5.1
EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved: scsi: qla4xxx: Prevent a potential error pointer dereference The qla4xxx_get_ep_fwdb() function is supposed to return NULL on error, but qla4xxx_ep_connect() returns error pointers. Propagating the error pointers will lead to an Oops in the caller, so change the error pointers to NULL.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 10kernelNot affected
Red Hat Enterprise Linux 6kernelOut of support scope
Red Hat Enterprise Linux 7kernelFix deferred
Red Hat Enterprise Linux 7kernel-rtFix deferred
Red Hat Enterprise Linux 8kernelFix deferred
Red Hat Enterprise Linux 8kernel-rtFix deferred
Red Hat Enterprise Linux 9kernelFix deferred
Red Hat Enterprise Linux 9kernel-rtFix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-394
https://bugzilla.redhat.com/show_bug.cgi?id=2393537kernel: scsi: qla4xxx: Prevent a potential error pointer dereference

EPSS

Процентиль: 14%
0.00047
Низкий

5.1 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2025-39676

ubuntu
2 месяца назад

In the Linux kernel, the following vulnerability has been resolved: scsi: qla4xxx: Prevent a potential error pointer dereference The qla4xxx_get_ep_fwdb() function is supposed to return NULL on error, but qla4xxx_ep_connect() returns error pointers. Propagating the error pointers will lead to an Oops in the caller, so change the error pointers to NULL.

nvd логотип

CVE-2025-39676

nvd
2 месяца назад

In the Linux kernel, the following vulnerability has been resolved: scsi: qla4xxx: Prevent a potential error pointer dereference The qla4xxx_get_ep_fwdb() function is supposed to return NULL on error, but qla4xxx_ep_connect() returns error pointers. Propagating the error pointers will lead to an Oops in the caller, so change the error pointers to NULL.

msrc логотип

CVE-2025-39676

CVSS3: 5.5
msrc
около 2 месяцев назад

scsi: qla4xxx: Prevent a potential error pointer dereference

debian логотип

CVE-2025-39676

debian
2 месяца назад

In the Linux kernel, the following vulnerability has been resolved: s ...

github логотип

GHSA-2m84-5929-4fcx

github
2 месяца назад

In the Linux kernel, the following vulnerability has been resolved: scsi: qla4xxx: Prevent a potential error pointer dereference The qla4xxx_get_ep_fwdb() function is supposed to return NULL on error, but qla4xxx_ep_connect() returns error pointers. Propagating the error pointers will lead to an Oops in the caller, so change the error pointers to NULL.

EPSS

Процентиль: 14%
0.00047
Низкий

5.1 Medium

CVSS3