CVE-2025-68371
- EPSS 0.07%
- Published 24.12.2025 10:33:01
- Last modified 15.04.2026 00:35:42
- Source 416baaa9-dc9f-4396-8d5f-8c081f
scsi: smartpqi: Fix device resources accessed after device removal
In the Linux kernel, the following vulnerability has been resolved:
scsi: smartpqi: Fix device resources accessed after device removal
Correct possible race conditions during device removal.
Previously, a scheduled work item to reset a LUN could still execute
after the device was removed, leading to use-after-free and other
resource access issues.
This race condition occurs because the abort handler may schedule a LUN
reset concurrently with device removal via sdev_destroy(), leading to
use-after-free and improper access to freed resources.
- Check in the device reset handler if the device is still present in
the controller's SCSI device list before running; if not, the reset
is skipped.
- Cancel any pending TMF work that has not started in sdev_destroy().
- Ensure device freeing in sdev_destroy() is done while holding the
LUN reset mutex to avoid races with ongoing resets.

Data is provided by the CVE Program from a CVE Numbering Authority (CNA) (unstructured).

- Vendor: Linux
- Product: Linux
- Default status: unaffected

| Version | Version < | Status |
|---|---|---|
| 2d80f4054f7f901b8ad97358a9069616ac8524c7 | 7dfa5a5516ec3c6b9b6c22ee18f0eb2df3f38ef2 | affected |
| 2d80f4054f7f901b8ad97358a9069616ac8524c7 | 6d2390653d82cad0e1ba2676e536dd99678f6ef1 | affected |
| 2d80f4054f7f901b8ad97358a9069616ac8524c7 | eccc02ba1747501d92bb2049e3ce378ba372f641 | affected |
| 2d80f4054f7f901b8ad97358a9069616ac8524c7 | 4e1acf1b6dd6dd0495bda139daafd7a403ae2dc1 | affected |
| 2d80f4054f7f901b8ad97358a9069616ac8524c7 | 1a5c5a2f88e839af5320216a02ffb075b668596a | affected |
| 2d80f4054f7f901b8ad97358a9069616ac8524c7 | b518e86d1a70a88f6592a7c396cf1b93493d1aab | affected |

- Vendor: Linux
- Product: Linux
- Default status: affected

| Version | Version < | Version <= | Status |
|---|---|---|---|
| 6.0 | | | affected |
| 0 | 6.0 | | unaffected |
| 6.1.160 | | 6.1.* | unaffected |
| 6.6.120 | | 6.6.* | unaffected |
| 6.12.63 | | 6.12.* | unaffected |
| 6.17.13 | | 6.17.* | unaffected |
| 6.18.2 | | 6.18.* | unaffected |
| 6.19 | | * | unaffected |

VulnDex Vulnerability Enrichment
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.07% | 0.208 |

| Source | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|