Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: cifs: avoid NULL pointer dereference in dbg call cifs_server_dbg() implies server to be non-NULL so move call under condition to avoid NULL pointer dereference. Found by Linux Verification Center (linuxtesting.org) with SVACE.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 5.6.7, < 5.10.237 |
| Debian | Debian Linux | 11.0 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/20048e658652e731f5cadf4a695925e570ca0ff9Patch
- https://git.kernel.org/stable/c/6c14ee6af8f1f188b668afd6d003f7516a507b08Patch
- https://git.kernel.org/stable/c/864ba5c651b03830f36f0906c21af05b15c1aaa6Patch
- https://git.kernel.org/stable/c/9c9000cb91b986eb7f75835340c67857ab97c09bPatch
- https://git.kernel.org/stable/c/b2a1833e1c63e2585867ebeaf4dd41494dcede4bPatch
- https://git.kernel.org/stable/c/b4885bd5935bb26f0a414ad55679a372e53f9b9bPatch
- https://git.kernel.org/stable/c/ba3ce6c60cd5db258687dfeba9fc608f5e7cadf3Patch
- https://git.kernel.org/stable/c/e0717385f5c51e290c2cd2ad4699a778316b5132Patch
- https://lists.debian.org/debian-lts-announce/2025/05/msg00030.htmlMailing List
- https://lists.debian.org/debian-lts-announce/2025/05/msg00045.htmlMailing List
FAQ
What is CVE-2025-37844?
CVE-2025-37844 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: cifs: avoid NULL pointer dereference in dbg call cifs_server_dbg() implies server to be non-NULL so move call under condition to a...
How severe is CVE-2025-37844?
CVE-2025-37844 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-37844?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, Debian Debian Linux.