AZL-64562

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-64562.json

JSON Data

https://api.test.osv.dev/v1/vulns/AZL-64562

Upstream

CVE-2025-38119

Published

2025-07-03T09:15:25Z

Modified

2026-04-01T05:20:21.585033Z

Summary

CVE-2025-38119 affecting package kernel for versions less than 6.6.96.1-1

Details

In the Linux kernel, the following vulnerability has been resolved:

scsi: core: ufs: Fix a hang in the error handler

ufshcderrhandlingprepare() calls ufshcdrpmgetsync(). The latter function can only succeed if UFSHCDEHINPROGRESS is not set because resuming involves submitting a SCSI command and ufshcdqueuecommand() returns SCSIMLQUEUEHOSTBUSY if UFSHCDEHINPROGRESS is set. Fix this hang by setting UFSHCDEHINPROGRESS after ufshcdrpmgetsync() has been called instead of before.

Backtrace: __switch_to+0x174/0x338 __schedule+0x600/0x9e4 schedule+0x7c/0xe8 scheduletimeout+0xa4/0x1c8 ioscheduletimeout+0x48/0x70 waitfor_commonio+0xa8/0x160 //waiting on STARTSTOP waitforcompletioniotimeout+0x10/0x20 blkexecuterq+0xe4/0x1e4 scsiexecutecmd+0x108/0x244 ufshcdsetdevpwrmode+0xe8/0x250 __ufshcdwlresume+0x94/0x354 ufshcdwlruntimeresume+0x3c/0x174 scsiruntimeresume+0x64/0xa4 rpmresume+0x15c/0xa1c _pmruntimeresume+0x4c/0x90 // Runtime resume ongoing ufshcderrhandler+0x1a0/0xd08 processonework+0x174/0x808 workerthread+0x15c/0x490 kthread+0xf4/0x1ec retfromfork+0x10/0x20

[ bvanassche: rewrote patch description ]

References

https://nvd.nist.gov/vuln/detail/CVE-2025-38119

Affected packages

Azure Linux:3 / kernel

Package

Name: kernel
Purl: pkg:rpm/azure-linux/kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.6.96.1-1

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-64562.json"