Primary

Context

Linux Kernel UFS SCSI Driver WARN_ON_ONCE Removal Vulnerability

Vulnerability

Patched

A vulnerability in the Linux kernel's UFS SCSI driver has been addressed by removing a WARN_ON_ONCE() call from the UIC command completion function. The issue arose because the UIC completion interrupt could be disabled while a command was being processed. When the interrupt was reenabled, it triggered a warning due to the absence of a command, indicating a potential flaw in the interrupt handling process.

Impact

The removal of the WARN_ON_ONCE() call prevents unnecessary warning messages from being generated, which could obscure more critical issues that may arise during UIC command processing.

Added: Sep 15, 2025, 1:19 PM

Updated: Sep 15, 2025, 9:53 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.0

exploitability

4.0

remediation

7.7

relevance

0.5

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.0

exploitability

4.0

remediation

7.7

relevance

0.5

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel UFS SCSI Driver WARN_ON_ONCE Removal Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating