Description

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix racing issue between ufshcd_mcq_abort() and ISR If command timeout happens and cq complete IRQ is raised at the same time, ufshcd_mcq_abort clears lprb->cmd and a NULL pointer deref happens in the ISR. Error log: ufshcd_abort: Device abort task at tag 18 Unable to handle kernel NULL pointer dereference at virtual address 0000000000000108 pc : [0xffffffe27ef867ac] scsi_dma_unmap+0xc/0x44 lr : [0xffffffe27f1b898c] ufshcd_release_scsi_cmd+0x24/0x114

INFO

Published Date :

2024-05-21T15:31:03.040Z

Last Modified :

2025-05-04T07:43:10.175Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2023-52785 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2023-52785.

URL Resource
https://git.kernel.org/stable/c/27900d7119c464b43cd9eac69c85884d17bae240 cve-icon cve-icon
https://git.kernel.org/stable/c/8f15a7e3c054d960bbd1521110700450bbf798a1 cve-icon cve-icon
https://git.kernel.org/stable/c/f84d461f33a6b27304d468d9cfb56c0cefdb4ee7 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2024052154-CVE-2023-52785-8104@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2023-52785 cve-icon
https://www.cve.org/CVERecord?id=CVE-2023-52785 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact