CVE-2025-38660

Medium CVSS: 5.5

In the Linux kernel, the following vulnerability has been resolved:

[ceph] parse_longname(): strrchr() expects NUL-terminated string

... and parse_longname() is not guaranteed that. That's the reason
why it uses kmemdup_nul() to build the argument for kstrtou64();
the problem is, kstrtou64() is not the only thing that need it.

Just get a NUL-terminated copy of the entire thing and be done
with that...

Vendor

Linux

Product

Linux Kernel

CWE

NVD-CWE-Other

Yayın Tarihi

2025-08-22 16:15:41

Güncelleme

2025-11-25 22:13:22

Source Identifier

416baaa9-dc9f-4396-8d5f-8c081fb06d67

KEV Date Added

Kategoriler

NVD-CWE-Other Linux Kernel MEDIUM Linux 2025

Referanslar

https://git.kernel.org/stable/c/101841c38346f4ca41dc1802c867da990ffb32eb https://git.kernel.org/stable/c/3145b2b11492d61c512bbc59660bb823bc757f48 https://git.kernel.org/stable/c/493479af8af3ab907f49e99323777d498a4fbd2b https://git.kernel.org/stable/c/bb80f7618832d26f7e395f52f82b1dac76223e5f

Benzer Kayıtlar

Medium

CVE-2026-23238

In the Linux kernel, the following vulnerability has been resolved: romfs: check sb_set_blocksize() return value romfs…

Medium

CVE-2026-23237

In the Linux kernel, the following vulnerability has been resolved: platform/x86: classmate-laptop: Add missing NULL po…

High

CVE-2026-23236

In the Linux kernel, the following vulnerability has been resolved: fbdev: smscufx: properly copy ioctl memory to kerne…

High

CVE-2026-23235

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix out-of-bounds access in sysfs attribute r…

High

CVE-2026-23234

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid UAF in f2fs_write_end_io() As s…

High

CVE-2026-23233

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid mapping wrong physical block for…