CVE-2025-38263

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: A flaw exists in the Linux kernel's bcache subsystem related to a potential NULL pointer dereference within the cache set flush() function. This issue arises from an improper handling of cache set allocation and unregistration, specifically when memory allocation fails during the bch cache set alloc() process. If allocation fails, the code proceeds to unregister the cache set, leading to a NULL pointer in c->cache[]. Subsequently, when cache set flush() is called, a dereference of this NULL pointer occurs, potentially causing a kernel crash. The vulnerability is located within the code responsible for managing cache sets and handling memory allocation within the bcache module.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.