Linux Kernel PM Resume Warning Vulnerability in Broadcom NAND Controller

Vulnerability

A warning during power management resume has been fixed in the Linux kernel's handling of Broadcom NAND controllers. This warning was triggered by an uninitialized structure in the NAND operation, specifically the chip select field. The issue arose in version 6.14.0-rc4, where the 'nand_reset_op' function did not properly initialize the operation before resuming, leading to a warning about the chip select being out of range. The fix involves using a higher-level 'nand_reset' function that is compliant with the controller's support for single-die NAND chips.

Impact

The vulnerability could lead to improper handling of NAND operations during power management transitions, potentially causing issues with NAND chip communication or data integrity.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.0

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.0

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel PM Resume Warning Vulnerability in Broadcom NAND Controller

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating