Acknowledged
Created: Jul 28, 2025
Updated: Jul 29, 2025
Found In Version: 10.22.33.1
Severity: Standard
Applicable for: Wind River Linux LTS 22
Component/s: Kernel
In the Linux kernel, the following vulnerability has been resolved:EOL][EOL]scsi: target: Fix NULL pointer dereference in core_scsi3_decode_spec_i_port()[EOL][EOL]The function core_scsi3_decode_spec_i_port(), in its error code path,[EOL]unconditionally calls core_scsi3_lunacl_undepend_item() passing the[EOL]dest_se_deve pointer, which may be NULL.[EOL][EOL]This can lead to a NULL pointer dereference if dest_se_deve remains[EOL]unset.[EOL][EOL]SPC-3 PR SPEC_I_PT: Unable to locate dest_tpg[EOL]Unable to handle kernel paging request at virtual address dfff800000000012[EOL]Call trace:[EOL] core_scsi3_lunacl_undepend_item+0x2c/0xf0 [target_core_mod] (P)[EOL] core_scsi3_decode_spec_i_port+0x120c/0x1c30 [target_core_mod][EOL] core_scsi3_emulate_pro_register+0x6b8/0xcd8 [target_core_mod][EOL] target_scsi3_emulate_pr_out+0x56c/0x840 [target_core_mod][EOL][EOL]Fix this by adding a NULL check before calling[EOL]core_scsi3_lunacl_undepend_item()
CREATE(Triage):(User=admin) [CVE-2025-38399 (https://nvd.nist.gov/vuln/detail/CVE-2025-38399)
