CVE-2025-38119
- Source
- https://cve.org/CVERecord?id=CVE-2025-38119
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38119.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-38119
- Downstream
- Related
- Published
- 2025-07-03T08:35:26.616Z
- Modified
- 2026-05-28T03:54:27.931860004Z
- Summary
- scsi: core: ufs: Fix a hang in the error handler
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
scsi: core: ufs: Fix a hang in the error handler
ufshcderrhandlingprepare() calls ufshcdrpmgetsync(). The latter function can only succeed if UFSHCDEHINPROGRESS is not set because resuming involves submitting a SCSI command and ufshcdqueuecommand() returns SCSIMLQUEUEHOSTBUSY if UFSHCDEHINPROGRESS is set. Fix this hang by setting UFSHCDEHINPROGRESS after ufshcdrpmgetsync() has been called instead of before.
Backtrace: __switch_to+0x174/0x338 __schedule+0x600/0x9e4 schedule+0x7c/0xe8 scheduletimeout+0xa4/0x1c8 ioscheduletimeout+0x48/0x70 waitfor_commonio+0xa8/0x160 //waiting on STARTSTOP waitforcompletioniotimeout+0x10/0x20 blkexecuterq+0xe4/0x1e4 scsiexecutecmd+0x108/0x244 ufshcdsetdevpwrmode+0xe8/0x250 __ufshcdwlresume+0x94/0x354 ufshcdwlruntimeresume+0x3c/0x174 scsiruntimeresume+0x64/0xa4 rpmresume+0x15c/0xa1c _pmruntimeresume+0x4c/0x90 // Runtime resume ongoing ufshcderrhandler+0x1a0/0xd08 processonework+0x174/0x808 workerthread+0x15c/0x490 kthread+0xf4/0x1ec retfromfork+0x10/0x20
[ bvanassche: rewrote patch description ]
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38119.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/21f071261f946c5ca1adf378f818082a112b34d2
- https://git.kernel.org/stable/c/3464a707d137efc8aea1d4ae234d26a28d82b78c
- https://git.kernel.org/stable/c/8a3514d348de87a9d5e2ac00fbac4faae0b97996
- https://git.kernel.org/stable/c/bb37f795d01961286b8f768a6d7152f32b589067
- https://git.kernel.org/stable/c/ded80255c59a57cd3270d98461f6508730f9767c
- https://git.kernel.org/stable/c/f210ea4e7a790c9f5e613e5302175abd539fe9d5
- https://git.kernel.org/stable/c/f592eb12b43f21dbc972cbe583a12d256901e569
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38119.json
- https://nvd.nist.gov/vuln/detail/CVE-2025-38119
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced62694735ca95c74dac4eb9068d59801ac0ddebafFixedf210ea4e7a790c9f5e613e5302175abd539fe9d5Fixedf592eb12b43f21dbc972cbe583a12d256901e569Fixedded80255c59a57cd3270d98461f6508730f9767cFixed21f071261f946c5ca1adf378f818082a112b34d2Fixed3464a707d137efc8aea1d4ae234d26a28d82b78cFixedbb37f795d01961286b8f768a6d7152f32b589067Fixed8a3514d348de87a9d5e2ac00fbac4faae0b97996
Linux / Kernel
Package
- Name
- Kernel
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced3.12.0Fixed5.10.248
- Type
- ECOSYSTEM
- Events
-
Introduced5.11.0Fixed5.15.186
- Type
- ECOSYSTEM
- Events
-
Introduced5.16.0Fixed6.1.142
- Type
- ECOSYSTEM
- Events
-
Introduced6.2.0Fixed6.6.94
- Type
- ECOSYSTEM
- Events
-
Introduced6.7.0Fixed6.12.34
- Type
- ECOSYSTEM
- Events
-
Introduced6.13.0Fixed6.15.3