Volerion logoVolerion
Volerion logoVolerion

Linux Kernel Marvell SAS/SATA Controller Use-After-Free Vulnerability in mvsas SCSI Driver

Vulnerability

A use-after-free vulnerability has been identified in the Linux kernel's SCSI mvsas driver, specifically during the detachment of Marvell's SAS/SATA controller. The issue arises because the function mvs_free() attempts to cancel a delayed work item associated with the controller. If this work item is already being processed, the cancellation may fail, leading to a race condition. As a result, mvs_free() can free a data structure while the delayed work callback is still accessing it, creating a use-after-free scenario. This vulnerability was discovered through static analysis.

Impact

Exploitation of this vulnerability creates a use-after-free condition, where a freed memory area is accessed, potentially leading to arbitrary code execution or memory corruption.

Remediation

The vulnerability has been fixed in the Linux kernel. Users should upgrade to the latest version available in the Linux kernel stable tree.

Added: Oct 18, 2025, 8:23 AM
Updated: Oct 18, 2025, 8:23 AM

Vulnerability Rating

Custom Algorithm
spread
9.0
impact
0.6
exploitability
3.5
remediation
7.7
relevance
0.7
threat
3.2
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.