CVE-2025-37759

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the version containing commit 8284066946e6

Description A null pointer dereference issue has been identified in the Linux kernel's ublk driver, specifically in the handling of recovery and reissue in ublk abort queue(). This issue can cause a kernel panic when a request is freed before io uring returns the zc buffer back. The problem arises from a commit that fails to grab a request reference when the request is handled by userspace, leading to potential requeuing, redispatch, and failure when canceling an uring command.

Recommendations For Linux kernel versions prior to the version containing commit 8284066946e6, apply the fix that always grabs a request reference for aborting the request to prevent the null pointer dereference issue.

Exploit

Fix

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

BDU:2025-12159

CVE-2025-37759

USN-7594-1

USN-7594-2

USN-7594-3

USN-8028-1

USN-8028-2

USN-8028-3

USN-8028-4

USN-8028-5

USN-8028-6

USN-8028-7

USN-8028-8

USN-8031-1

USN-8031-2

USN-8031-3

USN-8052-1

USN-8052-2

USN-8074-1

USN-8074-2

USN-8126-1

Affected Products

Astra Linux

Linuxmint

Linux Kernel

Red Os

Ubuntu

CVE-2025-37759

Weakness Enumeration

Related Identifiers

Affected Products

References · 1416