Linux Kernel SCSI UFS BSG NULL Pointer Dereference Vulnerability

Vulnerability

A use-after-free vulnerability has been identified in the Linux kernel's SCSI UFS BSG (Block Storage Generic) implementation. The issue arises because the bsg_queue is not set to NULL after it has been removed, potentially leading to unauthorized access of freed memory. While this vulnerability does not currently cause any problems, the lack of proper nullification after removal could create risks in the future.

Impact

Exploitation of this vulnerability could lead to a use-after-free condition, allowing for memory corruption or arbitrary code execution.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel SCSI UFS BSG NULL Pointer Dereference Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating