Linux Kernel ublk Argument Sanitization Vulnerability

Vulnerability

A vulnerability in the Linux kernel's ublk component has been addressed, which involved improper sanitization of arguments from userspace when adding a device. This vulnerability allowed for the possibility of invalid values for queue depth and the number of queues to be introduced from userspace, potentially leading to undesirable behavior or system instability.

Impact

The vulnerability could have allowed userspace to introduce invalid queue parameters, potentially leading to system instability or degraded performance.

Added: Jul 4, 2025, 4:03 PM

Updated: Jul 4, 2025, 4:03 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel ublk Argument Sanitization Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating