CVE-2025-40010
Published: October 21, 2025Last modified: October 21, 2025
Description
In the Linux kernel, the following vulnerability has been resolved: afs: Fix potential null pointer dereference in afs_put_server afs_put_server() accessed server->debug_id before the NULL check, which could lead to a null pointer dereference. Move the debug_id assignment, ensuring we never dereference a NULL server pointer.
Status
| Product | Release | Package | Status |
|---|---|---|---|
| Alpaquita Linux | 23 LTS | linux-lts | Fixed (6.1.155-r0) |
| 25 LTS | linux-lts | Fixed (6.12.51-r0) | |
| Stream | linux-lts | Fixed (6.12.51-r0) |
References
- https://git.kernel.org/stable/c/41782c44bb8431c43043129ae42f2ba614938479
- https://git.kernel.org/stable/c/7b8381f3c405b864a814d747e526e078c3ef4bc2
- https://git.kernel.org/stable/c/9158c6bb245113d4966df9b2ba602197a379412e
- https://git.kernel.org/stable/c/a13dbc5e20c7284b82afe6f08debdecf51d2ca04
- https://git.kernel.org/stable/c/cab278cead49a547ac84c3e185f446f381303eae