CVE-2025-39788
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-11

Last updated on: 2025-11-03

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: exynos: Fix programming of HCI_UTRL_NEXUS_TYPE On Google gs101, the number of UTP transfer request slots (nutrs) is 32, and in this case the driver ends up programming the UTRL_NEXUS_TYPE incorrectly as 0. This is because the left hand side of the shift is 1, which is of type int, i.e. 31 bits wide. Shifting by more than that width results in undefined behaviour. Fix this by switching to the BIT() macro, which applies correct type casting as required. This ensures the correct value is written to UTRL_NEXUS_TYPE (0xffffffff on gs101), and it also fixes a UBSAN shift warning: UBSAN: shift-out-of-bounds in drivers/ufs/host/ufs-exynos.c:1113:21 shift exponent 32 is too large for 32-bit type 'int' For consistency, apply the same change to the nutmrs / UTMRL_NEXUS_TYPE write.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-11
Last Modified
2025-11-03
Generated
2026-05-27
AI Q&A
2025-09-11
EPSS Evaluated
2026-05-25
NVD
CVE-2025-39788
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
linux kernel 5.10.244-1
linux kernel 6.1.153-1
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is a programming error in the Linux kernel's UFS driver for the Exynos platform, specifically on the Google gs101 chip. The driver incorrectly programs the UTRL_NEXUS_TYPE register due to an improper bit shift operation that causes undefined behavior. The issue arises because the code shifts an int type by 32 bits, which is beyond its width, leading to incorrect values being written. The fix involves using a BIT() macro that correctly casts the type and ensures the proper value is set, preventing the undefined behavior and related warnings.


How can this vulnerability impact me? :

The vulnerability causes incorrect programming of hardware registers in the UFS driver, which could lead to unexpected behavior or instability in the UFS storage subsystem on affected devices like the Google gs101. This might result in data transfer issues or system instability related to UFS storage operations.


What immediate steps should I take to mitigate this vulnerability?

Update the Linux kernel to a version that includes the fix for this vulnerability, which corrects the programming of HCI_UTRL_NEXUS_TYPE in the ufs-exynos driver. This fix addresses the incorrect shift operation causing undefined behavior. Applying the kernel patch or upgrading to a fixed kernel version will mitigate the issue.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart