Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: ufs-qcom: Fixed the issue of null pointer dereferencing. ESI/MSI is a performance optimization feature that provides dedicated interrupts per MCQ hardware queue. This is an optional feature, and UFS MCQ should work wit...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: pinctrl: qcom: msm: Certain pins are marked as invalid for interrupts. On some platforms, the UFS-reset pin has no interrupt logic in TLMM, but it is still registered as a GPIO in the kernel. This allows the user space to trigger...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: The WARNONONCE call has been removed from ufshcduiccmdcompl. The UIC completion interrupt may be disabled while a UIC command is being processed. When the UIC completion interrupt is re-enabled, a UIC interrupt i...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Remove the SCSI host only if it has been added. If the host attempts to remove the ufshcd driver from a UFS device, a kernel panic will occur if the ufshcdasyncscan function fails during ufshcdprobehba. This issu...

SUSE CVE-2026-43415

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix SError in ufshcdrtcwork during UFS suspend In ufshcdwlsuspend, canceldelayedworksync is called to cancel the UFS RTC work, but it is placed after ufshcdvopssuspendhba, pmop, POSTCHANGE. This creates a race...

CVE-2026-43415

A flaw was found in the Linux kernel's Universal Flash Storage UFS host controller driver scsi: ufs: core. A race condition exists during the UFS suspend process, where a timing issue can cause critical operations to execute out of sequence. This can lead to an Asynchronous SError Interrupt and a...

EUVD-2026-28721

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix SError in ufshcdrtcwork during UFS suspend In ufshcdwlsuspend, canceldelayedworksync is called to cancel the UFS RTC work, but it is placed after ufshcdvopssuspendhba, pmop, POSTCHANGE. This creates a race...

CVE-2026-43471 scsi: ufs: core: Fix possible NULL pointer dereference in ufshcd_add_command_trace()

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix possible NULL pointer dereference in ufshcdaddcommandtrace The kernel log indicates a crash in ufshcdaddcommandtrace, due to a NULL pointer dereference when accessing hwq-id. This can happen if...

CVE-2026-43415

CVE-2026-43415 describes a race in the Linux kernel’s UFS host controller driver (scsi: ufs: core) during UFS suspend. The issue arises because cancel_delayed_work_sync() is invoked after ufshcd_vops_suspend(..., POST_CHANGE), allowing ufshcd_rtc_work() to race with suspend operations and potenti...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ufshcdaddcommandTrace function in the scsi UFS core component. This function does not check whether...

CVE-2026-43275

A flaw was found in the Linux kernel's Universal Flash Storage UFS core driver. A race condition can occur during system suspend when the runtime power management RPM level is set to zero. This allows the driver to attempt to access the host controller after the system has entered a deep power-do...

PT-2026-37615

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Flush exception handling work when RPM level is zero Ensure that the exception event handling work is explicitly flushed during suspend when the runtime power management level is set to UFS PM LVL 0. When the RPM...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: exynos: Disable iocc if dma-coherent property isn't set If dma-coherent property isn't set then descriptors are non-cacheable and the iocc shareability bits should be disabled. Without this UFS can end up in an...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Set SDEVOFFLINE when UFS is shut down There is a history of deadlock if reboot is performed at the beginning of booting. SDEVQUIESCE was set for all LU's scsidevices by UFS shutdown, and at that time the audio...

ROS-20260119-7329

A vulnerability in the ufsbsgremove function of the drivers/ufs/core/ufsbsg.c module of the Linux kernel's UFS Universal Flash Storage host controller support is related to the reuse of previously freed memory. Exploitation of the vulnerability could allow an attacker to affect the confidentialit...

ROS-20260113-7359

A vulnerability in the Linux operating system kernel UFS driver is related to thread locking errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

SUSE CVE-2025-68236

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: ufs-qcom: Fix UFS OCP issue during UFS power down PC=3 According to UFS specifications, the power-off sequence for a UFS device includes: - Sending an SSU command with PowerCondition=3 and await a response. - Asserting...

SUSE CVE-2025-68316

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix invalid probe error return value After DME Link Startup, the error return value is set to the MIPI UniPro GenericErrorCode which can be 0 SUCCESS or 1 FAILURE. Upon failure during driver probe, the error code...

EUVD-2025-203753

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix invalid probe error return value After DME Link Startup, the error return value is set to the MIPI UniPro GenericErrorCode which can be 0 SUCCESS or 1 FAILURE. Upon failure during driver probe, the error code...

CVE-2025-68316 scsi: ufs: core: Fix invalid probe error return value

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix invalid probe error return value After DME Link Startup, the error return value is set to the MIPI UniPro GenericErrorCode which can be 0 SUCCESS or 1 FAILURE. Upon failure during driver probe, the error code...