Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ufs core driver failing to properly handle exceptions when the RPM level is zero, potentially leadi...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001464)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001464 advisory. In ufshcdehdeviceresethandler of ufshcd.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with...

UBUNTU-CVE-2025-68316

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix invalid probe error return value After DME Link Startup, the error return value is set to the MIPI UniPro GenericErrorCode which can be 0 SUCCESS or 1 FAILURE. Upon failure during driver probe, the error code...

CVE-2025-68224 scsi: core: Fix a regression triggered by scsi_host_busy()

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix a regression triggered by scsihostbusy Commit 995412e23bb2 "blk-mq: Replace tags-lock with SRCU for tag iterators" introduced the following regression: Call trace: srcureadlock+0x30/0x80 P...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: exynos: Fixed the programming of HCIUTRLNEXUSTYPE. On the Google gs101, the number of UTP transfer request slots is 32. In this case, the driver incorrectly programs UTRLNEXUSTYPE as 0. This occurs because the left sid...

EUVD-2024-53776

Malicious code in bioql PyPI...

CVE-2025-39788

CVE-2025-39788 affects the Linux kernel SCSI/ufs Exynos driver (gs101). The issue is in the USB/UFS host path where the left shift to set UTRL_NEXUS_TYPE is performed on an int, causing an out-of-bounds shift and writing an incorrect value (0xffffffff on gs101). The fix switches to the BIT() macr...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the ufs driver not properly handling the arpmb command failure case, which could lead to memory corruption...

SUSE CVE-2025-21739

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix use-after free in init error and remove paths devmblkcryptoprofileinit registers a cleanup handler to run when the associated platform- device is being released. For UFS, the crypto private data and pointers...

CVE-2025-21739

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix use-after free in init error and remove paths devmblkcryptoprofileinit registers a cleanup handler to run when the associated platform- device is being released. For UFS, the crypto private data and pointers...

CVE-2025-21739 scsi: ufs: core: Fix use-after free in init error and remove paths

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix use-after free in init error and remove paths devmblkcryptoprofileinit registers a cleanup handler to run when the associated platform- device is being released. For UFS, the crypto private data and pointers...

Linux kernel 资源管理错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A resource management error vulnerability exists in Linux kernel, which stems from the ufs driver having a post-release reuse issue in the initialization error and removal path...

CVE-2024-56620 scsi: ufs: qcom: Only free platform MSIs when ESI is enabled

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: qcom: Only free platform MSIs when ESI is enabled Otherwise, it will result in a NULL pointer dereference as below: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000008 Call trace:...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a null pointer dereference issue in the scsi ufs driver caused by not properly releasing platform MSIs when...

CVE-2024-53067

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Start the RTC update work later The RTC update work involves runtime resuming the UFS controller. Hence, only start the RTC update work after runtime power management in the UFS driver has been fully initialized...

CVE-2024-53067

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Start the RTC update work later The RTC update work involves runtime resuming the UFS controller. Hence, only start the RTC update work after runtime power management in the UFS driver has been fully initialized...

UBUNTU-CVE-2024-53067

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Start the RTC update work later The RTC update work involves runtime resuming the UFS controller. Hence, only start the RTC update work after runtime power management in the UFS driver has been fully initialized...

The vulnerability of the ufs_mtk_init_va09_pwr_ctrl() function (drivers/scsi/ufs/ufs-mediatek.c) in the Linux operating system’s UFS driver allows a hacker to cause a service failure.

The vulnerability of the ufsmtkinitva09pwrctrl function drivers/scsi/ufs/ufs-mediatek.c in the Linux operating system’s UFS driver is related to pointer arithmetic errors. Exploiting this vulnerability could allow an attacker to cause a service failure...