Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A vulnerability in the Linux kernel's UFS (Universal Flash Storage) core driver has been addressed. The issue arose because the driver did not properly flush exception handling tasks when the runtime power management (RPM) level was set to zero. In this state, the device remained active, but the driver could inadvertently access the host controller after the system had entered a deep power-down, leading to a crash. The vulnerability has been fixed by ensuring that exception tasks are completed and preventing unauthorized hardware access during the power-down process.
The vulnerability could cause a system crash by creating a race condition where the UFS driver accesses the host controller after the system has entered a deep power-down state.
The vulnerability can be reproduced by allowing the UFS driver to handle exceptions while the system is in a deep power-down state. This can occur when the runtime power management level is set to zero and the driver skips flushing its exception handling tasks, creating a race condition that leads to a system crash.
Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed.