In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: handle hdrfirstde() return value
The hdrfirstde() function returns a pointer to a struct NTFS_DE. This pointer may be NULL. To handle the NULL error effectively, it is important to implement an error handler. This will help manage potential errors consistently.
Additionally, error handling for the return value already exists at other points where this function is called.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
{ "vanir_signatures": [ { "signature_version": "v1", "target": { "function": "indx_get_entry_to_replace", "file": "fs/ntfs3/index.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@701340a25b1ad210e6b8192195be21fd3fcc22c7", "deprecated": false, "digest": { "length": 1235.0, "function_hash": "57714286427373623012116740964646043247" }, "id": "CVE-2025-38167-18ca6ad4" }, { "signature_version": "v1", "target": { "file": "fs/ntfs3/index.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@83cd0aa74793384dbdffc140500b200e9776a302", "deprecated": false, "digest": { "line_hashes": [ "245406521959861759743515156764249089161", "6156997734691502793606525575333836789", "332971241966304773785674871138130354289", "236839500689490881272821179667398414925", "31049166686269724629859225981997295736", "214391826566556994516913578247505133615", "340234720802618437358475941106628252524", "235892443227298086435297121051163446906" ], "threshold": 0.9 }, "id": "CVE-2025-38167-39bfaff3" }, { "signature_version": "v1", "target": { "file": "fs/ntfs3/index.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@701340a25b1ad210e6b8192195be21fd3fcc22c7", "deprecated": false, "digest": { "line_hashes": [ "245406521959861759743515156764249089161", "6156997734691502793606525575333836789", "332971241966304773785674871138130354289", "236839500689490881272821179667398414925", "31049166686269724629859225981997295736", "214391826566556994516913578247505133615", "340234720802618437358475941106628252524", "235892443227298086435297121051163446906" ], "threshold": 0.9 }, "id": "CVE-2025-38167-3e9f783e" }, { "signature_version": "v1", "target": { "function": "indx_get_entry_to_replace", "file": "fs/ntfs3/index.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@83cd0aa74793384dbdffc140500b200e9776a302", "deprecated": false, "digest": { "length": 1231.0, "function_hash": "246082267958753920687640181790918613822" }, "id": "CVE-2025-38167-5f15138d" }, { "signature_version": "v1", "target": { "file": "fs/ntfs3/index.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@af5cab0e5b6f8edb0be51a9f47f3f620e0b4fd70", "deprecated": false, "digest": { "line_hashes": [ "245406521959861759743515156764249089161", "6156997734691502793606525575333836789", "332971241966304773785674871138130354289", "236839500689490881272821179667398414925", "31049166686269724629859225981997295736", "214391826566556994516913578247505133615", "340234720802618437358475941106628252524", "235892443227298086435297121051163446906" ], "threshold": 0.9 }, "id": "CVE-2025-38167-6fd0fb1f" }, { "signature_version": "v1", "target": { "function": "indx_get_entry_to_replace", "file": "fs/ntfs3/index.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4ecd0cde89feee26525ccdf1af0c1ae156ca010b", "deprecated": false, "digest": { "length": 1235.0, "function_hash": "57714286427373623012116740964646043247" }, "id": "CVE-2025-38167-7090dcbf" }, { "signature_version": "v1", "target": { "function": "indx_get_entry_to_replace", "file": "fs/ntfs3/index.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@af5cab0e5b6f8edb0be51a9f47f3f620e0b4fd70", "deprecated": false, "digest": { "length": 1235.0, "function_hash": "57714286427373623012116740964646043247" }, "id": "CVE-2025-38167-7b63d53e" }, { "signature_version": "v1", "target": { "file": "fs/ntfs3/index.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4ecd0cde89feee26525ccdf1af0c1ae156ca010b", "deprecated": false, "digest": { "line_hashes": [ "245406521959861759743515156764249089161", "6156997734691502793606525575333836789", "332971241966304773785674871138130354289", "236839500689490881272821179667398414925", "31049166686269724629859225981997295736", "214391826566556994516913578247505133615", "340234720802618437358475941106628252524", "235892443227298086435297121051163446906" ], "threshold": 0.9 }, "id": "CVE-2025-38167-bdd87f13" } ] }