Skip to content

In the Linux kernel, the following vulnerability has been...

Unreviewed Published Apr 10, 2024 to the GitHub Advisory Database

Package

No package listedSuggest a package

Affected versions

Unknown

Patched versions

Unknown

Description

In the Linux kernel, the following vulnerability has been resolved:

scsi: ufs: core: Improve SCSI abort handling

The following has been observed on a test setup:

WARNING: CPU: 4 PID: 250 at drivers/scsi/ufs/ufshcd.c:2737 ufshcd_queuecommand+0x468/0x65c
Call trace:
ufshcd_queuecommand+0x468/0x65c
scsi_send_eh_cmnd+0x224/0x6a0
scsi_eh_test_devices+0x248/0x418
scsi_eh_ready_devs+0xc34/0xe58
scsi_error_handler+0x204/0x80c
kthread+0x150/0x1b4
ret_from_fork+0x10/0x30

That warning is triggered by the following statement:

WARN_ON(lrbp->cmd);

Fix this warning by clearing lrbp->cmd from the abort handler.

References

Published by the National Vulnerability Database Apr 10, 2024
Published to the GitHub Advisory Database Apr 10, 2024

Severity

Unknown

Weaknesses

No CWEs

CVE ID

CVE-2021-47188

GHSA ID

GHSA-c87m-qf5q-jcgf

Source code

No known source code

Dependabot alerts are not supported on this advisory because it does not have a package from a supported ecosystem with an affected and fixed version.

Learn more about GitHub language support

Checking history
See something to contribute? Suggest improvements for this vulnerability.