CVE-2025-38197

MEDIUM

Linux Kernel - NULL Pointer Dereference in dell_rbu Packet List Handling

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell_rbu: Fix list usage Pass the correct list head to list_for_each_entry*() when looping through the packet list. Without this patch, reading the packet data via sysfs will show the data incorrectly (because it starts at the wrong packet), and clearing the packet list will result in a NULL pointer dereference.

References (9)

Core 9

Core References

Third Party Advisory, Mailing List

https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html

Third Party Advisory, Mailing List

https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html

Patch

https://git.kernel.org/stable/c/5e8c658acd1b7c186aeffa46bf08795e121f401a

Patch

https://git.kernel.org/stable/c/07d7b8e7ef7d1f812a6211ed531947c56d09e95e

Patch

https://git.kernel.org/stable/c/a7b477b64ef5e37cb08dd536ae07c46f9f28262e

Patch

https://git.kernel.org/stable/c/f3b840fb1508a80cd8a0efb5c886ae1995a88b24

Patch

https://git.kernel.org/stable/c/4d71f2c1e5263a9f042faa71d59515709869dc79

Patch

https://git.kernel.org/stable/c/32d05e6cc3a7bf6c8f16f7b7ef8fe80eca0c233e

Patch

https://git.kernel.org/stable/c/61ce04601e0d8265ec6d2ffa6df5a7e1bce64854

Scores

CVSS v3 5.5

EPSS 0.0007

EPSS Percentile 20.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-476

Status published

Products (25)

debian/debian_linux 11.0

linux/Kernel 5.11.0 - 5.15.186linux

linux/Kernel 5.16.0 - 6.1.142linux

linux/Kernel 5.7.0 - 5.10.239linux

linux/Kernel 6.13.0 - 6.15.4linux

linux/Kernel 6.2.0 - 6.6.95linux

linux/Kernel 6.7.0 - 6.12.35linux

Linux/Linux < 5.7

Linux/Linux 5.10.239 - 5.10.*

Linux/Linux 5.15.186 - 5.15.*

... and 15 more

Published Jul 04, 2025

Tracked Since Feb 18, 2026