Linux Kernel SCSI Core Race Condition Vulnerability

Vulnerability

A race condition vulnerability has been identified in the Linux kernel's SCSI core, related to the timing of unloading and reloading kernel modules. This issue arises from a delayed removal of the /proc/scsi/${proc_name} directory, which can lead to a warning about a 'proc_dir_entry' already being registered. The vulnerability was introduced in 2009 and is now resolved by removing the directory earlier to prevent the race condition.

Impact

Exploitation of this vulnerability could lead to a kernel warning about a proc_dir_entry already being registered, indicating a potential issue with module management.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel SCSI Core Race Condition Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating