CVE-2023-53510
Analyzed - Analysis Complete
BaseFortify

Publication date: 2025-10-01

Last updated on: 2026-04-06

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved:

scsi: ufs: core: Fix handling of lrbp->cmd

ufshcd_queuecommand() may be called two times in a row for a SCSI command before it is completed. Hence make the following changes:
- In the functions that submit a command, do not check the old value of lrbp->cmd nor clear lrbp->cmd in error paths.
- In ufshcd_release_scsi_cmd(), do not clear lrbp->cmd.

See also scsi_send_eh_cmnd().

This commit prevents that the following appears if a command times out:

WARNING: at drivers/ufs/core/ufshcd.c:2965 ufshcd_queuecommand+0x6f8/0x9a8
Call trace:
 ufshcd_queuecommand+0x6f8/0x9a8
 scsi_send_eh_cmnd+0x2c0/0x960
 scsi_eh_test_devices+0x100/0x314
 scsi_eh_ready_devs+0xd90/0x114c
 scsi_error_handler+0x2b4/0xb70
 kthread+0x16c/0x1e0

Meta Information
Published: 2025-10-01
Last Modified: 2026-04-06
Generated: 2026-05-07
AI Q&A: 2025-10-01
EPSS Evaluated: 2026-05-05

Affected Vendors & Products
Showing 2 associated CPEs
Vendor   Product        Version / Range
linux    linux_kernel   From 3.12 (inc) to 6.3.13 (exc)
linux    linux_kernel   From 6.4 (inc) to 6.4.4 (exc)

CWE
CWE ID    Description
CWE-415   The product calls free() twice on the same memory address.

AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability involves the Linux kernel's handling of SCSI commands in the UFS (Universal Flash Storage) driver. Specifically, the function ufshcd_queuecommand() may be called twice consecutively for the same SCSI command before it is completed, which can cause improper handling of the command state (lrbp->cmd). The fix involves changing how the command state is checked and cleared to prevent errors and warnings related to command timeouts.


How can this vulnerability impact me?

If unpatched, this vulnerability could lead to warnings and potential instability in the Linux kernel's UFS driver when SCSI commands time out or are mishandled. This could affect system reliability and performance, especially in systems relying on UFS storage devices.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by monitoring the system logs for specific warning messages related to the ufshcd_queuecommand function. Look for warnings such as:

WARNING: at drivers/ufs/core/ufshcd.c:2965 ufshcd_queuecommand+0x6f8/0x9a8

You can use commands like:

- dmesg | grep ufshcd_queuecommand
- journalctl -k | grep ufshcd_queuecommand

to check for these warnings in the kernel logs, which indicate the issue occurring.
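
A tighter form of the check above, as an added example that is not part of the advisory or the kernel tree: it tests a kernel release string against the two CPE ranges listed on this page and counts only WARNING lines in ufshcd_queuecommand whose call trace reaches scsi_send_eh_cmnd. The function names, the 12-line trace window and the sample log are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the advisory or the kernel tree. Function names are
# hypothetical; version bounds are the two CPE ranges listed on this page.

# ver_lt A B: succeeds when A sorts strictly before B (needs sort -V).
ver_lt() {
    [ "$1" != "$2" ] &&
        [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# in_affected_range RELEASE: drop any local suffix ("6.4.3-generic" -> "6.4.3")
# and test 3.12 <= v < 6.3.13 or 6.4 <= v < 6.4.4.
in_affected_range() {
    v=${1%%[-+_]*}
    if ! ver_lt "$v" 3.12 && ver_lt "$v" 6.3.13; then return 0; fi
    if ! ver_lt "$v" 6.4 && ver_lt "$v" 6.4.4; then return 0; fi
    return 1
}

# count_eh_requeue_warnings: read a kernel log on stdin and count WARNING lines
# in ufshcd_queuecommand whose call trace reaches scsi_send_eh_cmnd. The source
# line number and +0x offsets differ per build, so they are not matched. The
# 12-line look-ahead window is an assumption about trace length.
count_eh_requeue_warnings() {
    awk '
        /WARNING:.*ufshcd_queuecommand/ { window = 12; next }
        window > 0 {
            window--
            if (/scsi_send_eh_cmnd/) { hits++; window = 0 }
        }
        END { print hits + 0 }
    '
}

# Constructed sample (timestamps, CPU and PID invented) for a dry run.
# On a live host: dmesg | count_eh_requeue_warnings
sample_log='[ 10.1] WARNING: CPU: 2 PID: 77 at drivers/ufs/core/ufshcd.c:2965 ufshcd_queuecommand+0x6f8/0x9a8
[ 10.1] Call trace:
[ 10.1]  ufshcd_queuecommand+0x6f8/0x9a8
[ 10.1]  scsi_send_eh_cmnd+0x2c0/0x960
[ 10.1]  scsi_error_handler+0x2b4/0xb70'
echo "matching warnings: $(printf '%s\n' "$sample_log" | count_eh_requeue_warnings)"
if in_affected_range "6.4.3-generic"; then echo "6.4.3-generic: inside listed range"; fi
```

Vendor kernels often carry backported fixes under an unchanged version number, so a release string inside the listed ranges is a prompt to check the vendor changelog rather than proof of exposure.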


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation involves updating the Linux kernel to a version where this vulnerability is fixed. The fix changes how lrbp->cmd is handled in the command submission functions, including ufshcd_queuecommand, and in ufshcd_release_scsi_cmd: the old value of lrbp->cmd is no longer checked, and lrbp->cmd is no longer cleared in error paths or on release, so a second ufshcd_queuecommand call for the same SCSI command before completion is handled correctly. Applying the patch or upgrading to the fixed kernel version will mitigate the issue.

