CVE-2025-38092 – Linux Kernel ksmbd Null Pointer Dereference Vulnerability

July 2, 2025

CVE ID : CVE-2025-38092

Published : July 2, 2025, 3:15 p.m. | 4 hours, 27 minutes ago

Description : In the Linux kernel, the following vulnerability has been resolved:

ksmbd: use list_first_entry_or_null for opinfo_get_list()

The list_first_entry() macro never returns NULL. If the list is
empty then it returns an invalid pointer. Use list_first_entry_or_null()
to check if the list is empty.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-53109 – Filesystem Symlink File Access Vulnerability

Next Article CVE-2025-38093 – Qualcomm ARM64 GPU Temperature Control Vulnerability (Thermal Overload)

Highlights

CVE-2025-49000 – InvenTree Label-Sheet Plugin Denial of Service Vulnerability

June 3, 2025

CVE ID : CVE-2025-49000

Published : June 3, 2025, 9:15 p.m. | 30 minutes ago

Description : InvenTree is an Open Source Inventory Management System. Prior to version 0.17.13, the skip field in the built-in `label-sheet` plugin lacks an upper bound, so a large value forces the server to allocate an enormous Python list. This lets any authenticated label-printing user trigger a denial-of-service via memory exhaustion. the issue is fixed in versions 0.17.13 and higher. No workaround is available aside from upgrading to the patched version.

Severity: 3.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

The Psychology Of Color In UX Design And Digital Products

This week in AI dev tools: Claude Sonnet 4’s larger context window, ChatGPT updates, and more (August 15, 2025)

Sentry launches MCP monitoring tool

10 Benefits of Hiring a React.js Development Company (2025–2026 Edition)

Your smart home device just got a performance and security boost for free

Ultrahuman brings advanced cycle and ovulation tracking to its smart ring

DistroWatch Weekly, Issue 1135

14 secret phone codes that unlock hidden features on your Android and iPhone

Air Quality Prediction System using Python ML

Air Quality Prediction System using Python ML

AI’s Hidden Thirst: The Water Behind Tech

Minesweeper game in 100 lines of pure JavaScript – easy tutorial

DistroWatch Weekly, Issue 1135

DistroWatch Weekly, Issue 1135

Ubuntu’s New “Dangerous” Daily Builds – What Are They?

gofmt – formats Go programs

CVE-2025-38092 – Linux Kernel ksmbd Null Pointer Dereference Vulnerability

CVE-2025-9090 – Tenda Telnet Service Command Injection

CVE-2025-9091 – Tenda AC20 Hard-Coded Credentials Vulnerability

CVE-2025-8476 – Alpine iLX-507 TIDAL Certificate Validation Bypass Root RCE

Implement human-in-the-loop confirmation with Amazon Bedrock Agents

CVE-2025-6586 – WordPress Download Plugin Remote Code Execution (RCE) Vulnerability

The utterly crazy story of the death threat hacker (involves a cat)

CVE-2025-49000 – InvenTree Label-Sheet Plugin Denial of Service Vulnerability

This $559 OLED laptop shows there’s still time to buy before tariffs set in

CVE-2025-2828 – Apache Langchain SSRF

Ferron is a web server optimized for speed, security and efficiency

CVE-2025-38092 – Linux Kernel ksmbd Null Pointer Dereference Vulnerability

Related Posts