{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-38695","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-04-16T04:51:24.032Z","datePublished":"2025-09-04T15:32:48.168Z","dateUpdated":"2026-05-12T12:05:31.923Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T21:33:12.045Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure\n\nIf a call to lpfc_sli4_read_rev() from lpfc_sli4_hba_setup() fails, the\nresultant cleanup routine lpfc_sli4_vport_delete_fcp_xri_aborted() may\noccur before sli4_hba.hdwqs are allocated.  This may result in a null\npointer dereference when attempting to take the abts_io_buf_list_lock for\nthe first hardware queue.  Fix by adding a null ptr check on\nphba->sli4_hba.hdwq and early return because this situation means there\nmust have been an error during port initialization."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/scsi/lpfc/lpfc_scsi.c"],"versions":[{"version":"5e5b511d8bfaf765cb92a695cda336c936cb86dc","lessThan":"6711ce7e9de4eb1a541ef30638df1294ea4267f8","status":"affected","versionType":"git"},{"version":"5e5b511d8bfaf765cb92a695cda336c936cb86dc","lessThan":"74bdf54a847dab209d2a8f65852f59b7fa156175","status":"affected","versionType":"git"},{"version":"5e5b511d8bfaf765cb92a695cda336c936cb86dc","lessThan":"5e25ee1ecec91c61a8acf938ad338399cad464de","status":"affected","versionType":"git"},{"version":"5e5b511d8bfaf765cb92a695cda336c936cb86dc","lessThan":"add68606a01dcccf18837a53e85b85caf0693b4b","status":"affected","versionType":"git"},{"version":"5e5b511d8bfaf765cb92a695cda336c936cb86dc","lessThan":"7925dd68807cc8fd755b04ca99e7e6f1c04392e8","status":"affected","versionType":"git"},{"version":"5e5b511d8bfaf765cb92a695cda336c936cb86dc","lessThan":"571617f171f723b05f02d154a2e549a17eab4935","status":"affected","versionType":"git"},{"version":"5e5b511d8bfaf765cb92a695cda336c936cb86dc","lessThan":"d3f55f46bb37a8ec73bfe3cfe36e3ecfa2945dfa","status":"affected","versionType":"git"},{"version":"5e5b511d8bfaf765cb92a695cda336c936cb86dc","lessThan":"46a0602c24d7d425dd8e00c749cd64a934aac7ec","status":"affected","versionType":"git"},{"version":"5e5b511d8bfaf765cb92a695cda336c936cb86dc","lessThan":"6698796282e828733cde3329c887b4ae9e5545e9","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/scsi/lpfc/lpfc_scsi.c"],"versions":[{"version":"5.1","status":"affected"},{"version":"0","lessThan":"5.1","status":"unaffected","versionType":"semver"},{"version":"5.4.297","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.241","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.190","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.149","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.103","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.12.43","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.15.11","lessThanOrEqual":"6.15.*","status":"unaffected","versionType":"semver"},{"version":"6.16.2","lessThanOrEqual":"6.16.*","status":"unaffected","versionType":"semver"},{"version":"6.17","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.1","versionEndExcluding":"5.4.297"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.1","versionEndExcluding":"5.10.241"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.1","versionEndExcluding":"5.15.190"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.1","versionEndExcluding":"6.1.149"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.1","versionEndExcluding":"6.6.103"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.1","versionEndExcluding":"6.12.43"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.1","versionEndExcluding":"6.15.11"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.1","versionEndExcluding":"6.16.2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.1","versionEndExcluding":"6.17"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/6711ce7e9de4eb1a541ef30638df1294ea4267f8"},{"url":"https://git.kernel.org/stable/c/74bdf54a847dab209d2a8f65852f59b7fa156175"},{"url":"https://git.kernel.org/stable/c/5e25ee1ecec91c61a8acf938ad338399cad464de"},{"url":"https://git.kernel.org/stable/c/add68606a01dcccf18837a53e85b85caf0693b4b"},{"url":"https://git.kernel.org/stable/c/7925dd68807cc8fd755b04ca99e7e6f1c04392e8"},{"url":"https://git.kernel.org/stable/c/571617f171f723b05f02d154a2e549a17eab4935"},{"url":"https://git.kernel.org/stable/c/d3f55f46bb37a8ec73bfe3cfe36e3ecfa2945dfa"},{"url":"https://git.kernel.org/stable/c/46a0602c24d7d425dd8e00c749cd64a934aac7ec"},{"url":"https://git.kernel.org/stable/c/6698796282e828733cde3329c887b4ae9e5545e9"}],"title":"scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"title":"CVE Program Container","references":[{"url":"https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"},{"url":"https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T17:41:22.934Z"}},{"x_adpType":"supplier","providerMetadata":{"orgId":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e","shortName":"siemens-SADP","dateUpdated":"2026-05-12T12:05:31.923Z"},"affected":[{"vendor":"Siemens","product":"SIMATIC CN 4100","versions":[{"status":"affected","version":"0","lessThan":"V5.0","versionType":"custom"}],"defaultStatus":"unknown"}],"references":[{"url":"https://cert-portal.siemens.com/productcert/html/ssa-032379.html"}]}]}}