References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Known Affected Software Configurations Switch to CPE 2.2

Change History

NIST AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

NIST CWE-476

OR
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.3 up to (excluding) 6.12.5
     *cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*

https://git.kernel.org/stable/c/64506b3d23a337e98a74b18dcb10c8619365f2bd No Types Assigned

https://git.kernel.org/stable/c/64506b3d23a337e98a74b18dcb10c8619365f2bd Patch

https://git.kernel.org/stable/c/f99cb5f6344ef93777fd3add7979ebf291a852df No Types Assigned

https://git.kernel.org/stable/c/f99cb5f6344ef93777fd3add7979ebf291a852df Patch

In the Linux kernel, the following vulnerability has been resolved:

scsi: ufs: qcom: Only free platform MSIs when ESI is enabled

Otherwise, it will result in a NULL pointer dereference as below:

Unable to handle kernel NULL pointer dereference at virtual address 0000000000000008
Call trace:
 mutex_lock+0xc/0x54
 platform_device_msi_free_irqs_all+0x14/0x20
 ufs_qcom_remove+0x34/0x48 [ufs_qcom]
 platform_remove+0x28/0x44
 device_remove+0x4c/0x80
 device_release_driver_internal+0xd8/0x178
 drive

https://git.kernel.org/stable/c/64506b3d23a337e98a74b18dcb10c8619365f2bd

https://git.kernel.org/stable/c/f99cb5f6344ef93777fd3add7979ebf291a852df