7.8
CVE-2023-53510
- EPSS 0.14%
- Veröffentlicht 01.10.2025 12:15:54
- Zuletzt bearbeitet 15.06.2026 18:23:34
- CVE-Watchlists
- Unerledigt
scsi: ufs: core: Fix handling of lrbp->cmd
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix handling of lrbp->cmd ufshcd_queuecommand() may be called two times in a row for a SCSI command before it is completed. Hence make the following changes: - In the functions that submit a command, do not check the old value of lrbp->cmd nor clear lrbp->cmd in error paths. - In ufshcd_release_scsi_cmd(), do not clear lrbp->cmd. See also scsi_send_eh_cmnd(). This commit prevents that the following appears if a command times out: WARNING: at drivers/ufs/core/ufshcd.c:2965 ufshcd_queuecommand+0x6f8/0x9a8 Call trace: ufshcd_queuecommand+0x6f8/0x9a8 scsi_send_eh_cmnd+0x2c0/0x960 scsi_eh_test_devices+0x100/0x314 scsi_eh_ready_devs+0xd90/0x114c scsi_error_handler+0x2b4/0xb70 kthread+0x16c/0x1e0
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 3.12 < 6.1.167
Linux ≫ Linux Kernel Version >= 6.2 < 6.3.13
Linux ≫ Linux Kernel Version >= 6.4 < 6.4.4
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.14% | 0.04 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-415 Double Free
The product calls free() twice on the same memory address.
https://git.kernel.org/stable/c/49234a401e161a2f2698f4612ab792c49b3cad1b
https://git.kernel.org/stable/c/549e91a9bbaa0ee480f59357868421a61d369770
https://git.kernel.org/stable/c/f3ee24af62681b942bbd799ac77b90a6d7e1fdb1
https://git.kernel.org/stable/c/b6d76d63c6d21d5d26c301a46853a2aee72397d5