CVE-2025-38660
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-38660
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-38660.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-38660
- Downstream
- Related
- Published
- 2025-08-22T16:01:03Z
- Modified
- 2025-10-22T15:26:16.930201Z
- Summary
- [ceph] parse_longname(): strrchr() expects NUL-terminated string
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
[ceph] parse_longname(): strrchr() expects NUL-terminated string
... and parselongname() is not guaranteed that. That's the reason why it uses kmemdupnul() to build the argument for kstrtou64(); the problem is, kstrtou64() is not the only thing that need it.
Just get a NUL-terminated copy of the entire thing and be done with that...
- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/101841c38346f4ca41dc1802c867da990ffb32eb
- https://git.kernel.org/stable/c/3145b2b11492d61c512bbc59660bb823bc757f48
- https://git.kernel.org/stable/c/493479af8af3ab907f49e99323777d498a4fbd2b
- https://git.kernel.org/stable/c/bb80f7618832d26f7e395f52f82b1dac76223e5f
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduceddd66df0053ef84add5e684df517aa9b498342381Fixedbb80f7618832d26f7e395f52f82b1dac76223e5f
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduceddd66df0053ef84add5e684df517aa9b498342381Fixed3145b2b11492d61c512bbc59660bb823bc757f48
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduceddd66df0053ef84add5e684df517aa9b498342381Fixed493479af8af3ab907f49e99323777d498a4fbd2b
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduceddd66df0053ef84add5e684df517aa9b498342381Fixed101841c38346f4ca41dc1802c867da990ffb32eb
Affected versions
v6.*
v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.12
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.12-rc6
v6.12-rc7
v6.12.1
v6.12.10
v6.12.11
v6.12.12
v6.12.13
v6.12.14
v6.12.15
v6.12.16
v6.12.17
v6.12.18
v6.12.19
v6.12.2
v6.12.20
v6.12.21
v6.12.22
v6.12.23
v6.12.24
v6.12.25
v6.12.26
v6.12.27
v6.12.28
v6.12.29
v6.12.3
v6.12.30
v6.12.31
v6.12.32
v6.12.33
v6.12.34
v6.12.35
v6.12.36
v6.12.37
v6.12.38
v6.12.39
v6.12.4
v6.12.40
v6.12.41
v6.12.5
v6.12.6
v6.12.7
v6.12.8
v6.12.9
v6.13
v6.13-rc1
v6.13-rc2
v6.13-rc3
v6.13-rc4
v6.13-rc5
v6.13-rc6
v6.13-rc7
v6.14
v6.14-rc1
v6.14-rc2
v6.14-rc3
v6.14-rc4
v6.14-rc5
v6.14-rc6
v6.14-rc7
v6.15
v6.15-rc1
v6.15-rc2
v6.15-rc3
v6.15-rc4
v6.15-rc5
v6.15-rc6
v6.15-rc7
v6.15.1
v6.15.2
v6.15.3
v6.15.4
v6.15.5
v6.15.6
v6.15.7
v6.15.8
v6.15.9
v6.16
v6.16-rc1
v6.16-rc2
v6.16-rc3
v6.16-rc4
v6.16-rc5
v6.16-rc6
v6.16-rc7
v6.5
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7