SB2025062043 - NULL pointer dereference in Linux kernel trace events
Published: June 20, 2025
Security Bulletin ID
SB2025062043
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) NULL pointer dereference (CVE-ID: CVE-2025-38034)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the include/trace/events/btrfs.h. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/0528bba48dce7820d2da72e1a114e1c4552367eb
- https://git.kernel.org/stable/c/137bfa08c6441f324d00692d1e9d22cfd773329b
- https://git.kernel.org/stable/c/5755b6731655e248c4f1d52a2e1b18795b4a2a3a
- https://git.kernel.org/stable/c/7a97f961a568a8f72472dc804af02a0f73152c5f
- https://git.kernel.org/stable/c/7f7c8c03feba5f2454792fab3bb8bd45bd6883f9
- https://git.kernel.org/stable/c/a641154cedf9d69730f8af5d0a901fe86e6486bd
- https://git.kernel.org/stable/c/a876703894a6dd6e8c04b0635d86e9f7a7c81b79
- https://git.kernel.org/stable/c/bc7e0975093567f51be8e1bdf4aa5900a3cf0b1e