CVE-2023-53510

EPSS 0.02%
Veröffentlicht 01.10.2025 12:15:54
Zuletzt bearbeitet 02.10.2025 19:11:46
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

scsi: ufs: core: Fix handling of lrbp->cmd

ufshcd_queuecommand() may be called two times in a row for a SCSI command
before it is completed. Hence make the following changes:

 - In the functions that submit a command, do not check the old value of
   lrbp->cmd nor clear lrbp->cmd in error paths.

 - In ufshcd_release_scsi_cmd(), do not clear lrbp->cmd.

See also scsi_send_eh_cmnd().

This commit prevents that the following appears if a command times out:

WARNING: at drivers/ufs/core/ufshcd.c:2965 ufshcd_queuecommand+0x6f8/0x9a8
Call trace:
 ufshcd_queuecommand+0x6f8/0x9a8
 scsi_send_eh_cmnd+0x2c0/0x960
 scsi_eh_test_devices+0x100/0x314
 scsi_eh_ready_devs+0xd90/0x114c
 scsi_error_handler+0x2b4/0xb70
 kthread+0x16c/0x1e0

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 6

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < f3ee24af62681b942bbd799ac77b90a6d7e1fdb1

Version 5a0b0cb9bee767ef10ff9ce2fb4141af06416288

Status affected

Version < 49234a401e161a2f2698f4612ab792c49b3cad1b

Version 5a0b0cb9bee767ef10ff9ce2fb4141af06416288

Status affected

Version < 549e91a9bbaa0ee480f59357868421a61d369770

Version 5a0b0cb9bee767ef10ff9ce2fb4141af06416288

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 3.12

Status affected

Version < 3.12

Version 0

Status unaffected

Version <= 6.3.*

Version 6.3.13

Status unaffected

Version <= 6.4.*

Version 6.4.4

Status unaffected

Version <= *

Version 6.5

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.044

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/49234a401e161a2f2698f4612ab792c49b3cad1b

https://git.kernel.org/stable/c/549e91a9bbaa0ee480f59357868421a61d369770

https://git.kernel.org/stable/c/f3ee24af62681b942bbd799ac77b90a6d7e1fdb1

https://nvd.nist.gov/vuln/detail/CVE-2023-53510

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-53510

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-53510

EUVD