Primary

Context

Linux Kernel SCSI SG Driver Sleeping in Atomic Context Vulnerability

Vulnerability

Patched

A vulnerability in the Linux kernel's SCSI SG driver has been addressed. The issue arose because the function 'sg_finish_rem_req()' calls 'blk_rq_unmap_user()', which can sleep. To resolve this, 'sg_finish_rem_req()' is now called with interrupts enabled instead of disabled, preventing potential deadlocks in atomic context.

Impact

This vulnerability could lead to a deadlock by allowing a sleeping function to be called in an atomic context, where sleeping is not permitted.

Reproduction

The vulnerability can be reproduced by invoking the 'sg_remove_sfp_usercontext()' function in the SCSI SG driver. This function processes requests in a way that can cause 'sg_finish_rem_req()' to be called with interrupts disabled, creating a risk of deadlock.

Remediation

Users can apply the latest patches available in the Linux kernel stable tree to address this vulnerability.

Added: Dec 4, 2025, 4:32 PM

Updated: Dec 4, 2025, 5:32 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.7

remediation

7.7

relevance

1.3

threat

4.8

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.7

remediation

7.7

relevance

1.3

threat

4.8

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel SCSI SG Driver Sleeping in Atomic Context Vulnerability

Vulnerability

Impact

Reproduction

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating