CVE-2025-39838

*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> cifs: prevent NULL pointer dereference in UTF16 conversion<br /> <br /> There can be a NULL pointer dereference bug here. NULL is passed to<br /> __cifs_sfu_make_node without checks, which passes it unchecked to<br /> cifs_strndup_to_utf16, which in turn passes it to<br /> cifs_local_to_utf16_bytes where &amp;#39;*from&amp;#39; is dereferenced, causing a crash.<br /> <br /> This patch adds a check for NULL &amp;#39;src&amp;#39; in cifs_strndup_to_utf16 and<br /> returns NULL early to prevent dereferencing NULL pointer.<br /> <br /> Found by Linux Verification Center (linuxtesting.org) with SVACE