Linux Kernel Read-Only Device Handling Vulnerability in Memstick Mspro Block

Vulnerability

A vulnerability in the Linux kernel's memstick/mspro_block driver has been addressed. The issue involved improper management of read-only devices, which could lead to a reference leak. The vulnerability has been fixed by using the set_disk_ro function to correctly communicate the read-only status to the block layer, rather than relying on a manual check in the open function.

Impact

The vulnerability could cause a reference leak when handling read-only devices, potentially leading to resource management issues.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Read-Only Device Handling Vulnerability in Memstick Mspro Block

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating