CVE-2025-38075

In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix timeout on deleted connection NOPIN response timer may expire on a deleted connection and crash with such logs: Did not receive response to NOPIN on CID: 0, failing connection for I_T Nexus (null),i,0x00023d000125,iqn.2017-01.com.iscsi.target,t,0x3d BUG: Kernel NULL pointer dereference on read at 0x00000000 NIP strlcpy+0x8/0xb0 LR iscsit_fill_cxn_timeout_err_stats+0x5c/0xc0 [iscsi_target_mod] Call Trace: iscsit_handle_nopin_response_timeout+0xfc/0x120 [iscsi_target_mod] call_timer_fn+0x58/0x1f0 run_timer_softirq+0x740/0x860 __do_softirq+0x16c/0x420 irq_exit+0x188/0x1c0 timer_interrupt+0x184/0x410 That is because nopin response timer may be re-started on nopin timer expiration. Stop nopin timer before stopping the nopin response timer to be sure that no one of them will be re-started.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/019ca2804f3fb49a7f8e56ea6aeaa1ff32724c27	Patch
https://git.kernel.org/stable/c/2c5081439c7ab8da08427befe427f0d732ebc9f9	Patch
https://git.kernel.org/stable/c/3e6429e3707943078240a2c0c0b3ee99ea9b0d9c	Patch
https://git.kernel.org/stable/c/571ce6b6f5cbaf7d24af03cad592fc0e2a54de35	Patch
https://git.kernel.org/stable/c/6815846e0c3a62116a7da9740e3a7c10edc5c7e9	Patch
https://git.kernel.org/stable/c/7f533cc5ee4c4436cee51dc58e81dfd9c3384418	Patch
https://git.kernel.org/stable/c/87389bff743c55b6b85282de91109391f43e0814	Patch
https://git.kernel.org/stable/c/fe8421e853ef289e1324fcda004751c89dd9c18a	Patch
https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html	Third Party Advisory
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html	Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.15:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.15:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.15:rc3::::::

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

History

17 Dec 2025, 16:39

Type	Values Removed	Values Added
References	~~() https://git.kernel.org/stable/c/019ca2804f3fb49a7f8e56ea6aeaa1ff32724c27 -~~	() https://git.kernel.org/stable/c/019ca2804f3fb49a7f8e56ea6aeaa1ff32724c27 - Patch
References	~~() https://git.kernel.org/stable/c/2c5081439c7ab8da08427befe427f0d732ebc9f9 -~~	() https://git.kernel.org/stable/c/2c5081439c7ab8da08427befe427f0d732ebc9f9 - Patch
References	~~() https://git.kernel.org/stable/c/3e6429e3707943078240a2c0c0b3ee99ea9b0d9c -~~	() https://git.kernel.org/stable/c/3e6429e3707943078240a2c0c0b3ee99ea9b0d9c - Patch
References	~~() https://git.kernel.org/stable/c/571ce6b6f5cbaf7d24af03cad592fc0e2a54de35 -~~	() https://git.kernel.org/stable/c/571ce6b6f5cbaf7d24af03cad592fc0e2a54de35 - Patch
References	~~() https://git.kernel.org/stable/c/6815846e0c3a62116a7da9740e3a7c10edc5c7e9 -~~	() https://git.kernel.org/stable/c/6815846e0c3a62116a7da9740e3a7c10edc5c7e9 - Patch
References	~~() https://git.kernel.org/stable/c/7f533cc5ee4c4436cee51dc58e81dfd9c3384418 -~~	() https://git.kernel.org/stable/c/7f533cc5ee4c4436cee51dc58e81dfd9c3384418 - Patch
References	~~() https://git.kernel.org/stable/c/87389bff743c55b6b85282de91109391f43e0814 -~~	() https://git.kernel.org/stable/c/87389bff743c55b6b85282de91109391f43e0814 - Patch
References	~~() https://git.kernel.org/stable/c/fe8421e853ef289e1324fcda004751c89dd9c18a -~~	() https://git.kernel.org/stable/c/fe8421e853ef289e1324fcda004751c89dd9c18a - Patch
References	~~() https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html -~~	() https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html - Third Party Advisory
References	~~() https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html -~~	() https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html - Third Party Advisory
CPE		cpe:2.3:o:linux:linux_kernel:6.15:rc2:::::: cpe:2.3:o:debian:debian_linux:11.0:::::::* cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.15:rc3:::::: cpe:2.3:o:linux:linux_kernel:6.15:rc1::::::
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
CWE		CWE-476
First Time		Linux Debian Debian debian Linux Linux linux Kernel

03 Nov 2025, 18:16

Type	Values Removed	Values Added
References		() https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html - () https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html -
Summary		(es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: target: iscsi: Se corrige el tiempo de espera en la conexión eliminada. El temporizador de respuesta NOPIN puede expirar en una conexión eliminada y bloquearse con dichos registros: No se recibió respuesta a NOPIN en CID: 0, falla de conexión para I_T Nexus (nulo),i,0x00023d000125,iqn.2017-01.com.iscsi.target,t,0x3d ERROR: Desreferencia de puntero NULL del kernel en lectura en 0x00000000 NIP strlcpy+0x8/0xb0 LR iscsit_fill_cxn_timeout_err_stats+0x5c/0xc0 [iscsi_target_mod] Rastreo de llamadas: iscsit_handle_nopin_response_timeout+0xfc/0x120 [iscsi_target_mod] call_timer_fn+0x58/0x1f0 run_timer_softirq+0x740/0x860 __do_softirq+0x16c/0x420 irq_exit+0x188/0x1c0 timer_interrupt+0x184/0x410 Esto se debe a que el temporizador de respuesta de nopin puede reiniciarse al expirar. Deténgalo antes de detener el temporizador de respuesta de nopin para asegurarse de que ninguno de ellos se reinicie.

18 Jun 2025, 10:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-06-18 10:15

Updated : 2025-12-17 16:39

NVD link : CVE-2025-38075

Mitre link : CVE-2025-38075

CVE.ORG link : CVE-2025-38075

JSON object : View

Products Affected

debian

debian_linux

linux

linux_kernel

CWE

CWE-476

NULL Pointer Dereference

5.5 /10