CVE-2025-38737
cifs: Fix oops due to uninitialised variable
In the Linux kernel, the following vulnerability has been resolved:
cifs: Fix oops due to uninitialised variable
Fix smb3_init_transform_rq() to initialise buffer to NULL before calling
netfs_alloc_folioq_buffer() as netfs assumes it can append to the buffer it
is given. Setting it to NULL means it should start a fresh buffer, but the
value is currently undefined.
Affected products
Linux · LinuxWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →