CVE-2025-40010
Description
In the Linux kernel, the following vulnerability has been resolved:
afs: Fix potential null pointer dereference in afs_put_server
afs_put_server() accessed server->debug_id before the NULL check, which could lead to a null pointer dereference. Move the debug_id assignment, ensuring we never dereference a NULL server pointer.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
In the Linux kernel's AFS filesystem, afs_put_server() could dereference a NULL server pointer when accessing debug_id before the NULL check.
Vulnerability
In the Linux kernel's AFS (Andrew File System) client, the function afs_put_server() contained a null pointer dereference vulnerability. The code accessed server->debug_id before performing a NULL check on the server pointer. If server is NULL, this would cause a kernel crash or undefined behavior.
Exploitation
An attacker would need to trigger a code path that calls afs_put_server() with a NULL server pointer. This could occur during error handling or cleanup routines in the AFS code. No special privileges are required beyond the ability to interact with the AFS filesystem, but the exact attack surface depends on the specific kernel configuration and usage scenario.
Impact
Successful exploitation leads to a denial of service (kernel panic or oops) due to the null pointer dereference. Based on the description, the vulnerability does not appear to allow privilege escalation or arbitrary code execution.
Mitigation
The fix moves the debug_id assignment after the NULL check, ensuring the pointer is valid before dereferencing. The patch has been applied to the Linux kernel stable tree [1][2]. Users should update to a kernel version containing the fix.
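The reordering described above, modeled in user space as an added example. It is not the kernel's afs_put_server() source: struct server, server_new(), drop_ref(), the two put_server_* functions and the -1 return value are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
/* Hypothetical user-space stand-in for a refcounted object; not struct afs_server. */
struct server { unsigned int debug_id; int ref; };
static unsigned int last_traced_id;   /* stands in for a trace record */

struct server *server_new(unsigned int debug_id, int ref)
{
    struct server *s = malloc(sizeof(*s));
    if (s) { s->debug_id = debug_id; s->ref = ref; }
    return s;
}

/* Drop one reference; trace with the saved id because the object may be freed. */
static int drop_ref(struct server *server, unsigned int debug_id)
{
    int r = --server->ref;
    if (r == 0)
        free(server);
    last_traced_id = debug_id;
    return r;
}

/* "Before" ordering, for contrast only and never called here: the initializer
 * reads server->debug_id ahead of the NULL check, so a NULL argument faults. */
int put_server_before(struct server *server)
{
    unsigned int debug_id = server->debug_id;
    if (!server)
        return -1;
    return drop_ref(server, debug_id);
}

/* "After" ordering: check first, then copy the id, then drop the reference. */
int put_server_after(struct server *server)
{
    unsigned int debug_id;
    if (!server)
        return -1;      /* model's "nothing to put" result (assumption) */
    debug_id = server->debug_id;
    return drop_ref(server, debug_id);
}

int main(void)
{
    int r = put_server_after(server_new(7, 1));
    printf("NULL put -> %d, last put -> %d (id %u)\n", put_server_after(NULL), r, last_traced_id);
    return 0;
}
```

The NULL check in put_server_before() looks protective in review, but the read in the declaration has already happened by the time it runs, and an optimizing compiler may drop the check as unreachable.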
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (1)
Patches (5)
- 7b8381f3c405
- cab278cead49
- a13dbc5e20c7
- 41782c44bb84
- 9158c6bb2451
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References (5)
- git.kernel.org/stable/c/41782c44bb8431c43043129ae42f2ba614938479 (nvd)
- git.kernel.org/stable/c/7b8381f3c405b864a814d747e526e078c3ef4bc2 (nvd)
- git.kernel.org/stable/c/9158c6bb245113d4966df9b2ba602197a379412e (nvd)
- git.kernel.org/stable/c/a13dbc5e20c7284b82afe6f08debdecf51d2ca04 (nvd)
- git.kernel.org/stable/c/cab278cead49a547ac84c3e185f446f381303eae (nvd)