CVE-2025-68371
Unknown Unknown - Not Provided
Use-After-Free in Linux Kernel smartpqi SCSI Device Removal

Publication date: 2025-12-24

Last updated on: 2025-12-24

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix device resources accessed after device removal Correct possible race conditions during device removal. Previously, a scheduled work item to reset a LUN could still execute after the device was removed, leading to use-after-free and other resource access issues. This race condition occurs because the abort handler may schedule a LUN reset concurrently with device removal via sdev_destroy(), leading to use-after-free and improper access to freed resources. - Check in the device reset handler if the device is still present in the controller's SCSI device list before running; if not, the reset is skipped. - Cancel any pending TMF work that has not started in sdev_destroy(). - Ensure device freeing in sdev_destroy() is done while holding the LUN reset mutex to avoid races with ongoing resets.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-24
Last Modified
2025-12-24
Generated
2026-06-16
AI Q&A
2025-12-24
EPSS Evaluated
2026-06-14
NVD
CVE-2025-68371
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a race condition in the Linux kernel's scsi smartpqi driver where device resources could be accessed after the device was removed. Specifically, a scheduled work item to reset a Logical Unit Number (LUN) could still execute after the device was removed, leading to use-after-free and improper access to freed resources. This happens because the abort handler may schedule a LUN reset concurrently with device removal, causing a race condition.

Impact Analysis

This vulnerability can lead to use-after-free errors and improper access to freed device resources, which may cause system instability, crashes, or potential security issues such as memory corruption or escalation of privileges if exploited.

Mitigation Strategies

To mitigate this vulnerability, update the Linux kernel to a version where the issue is fixed. The fix involves ensuring that device reset handlers check if the device is still present before executing, canceling any pending TMF work during device removal, and properly synchronizing device freeing with the LUN reset mutex to avoid race conditions. Applying the kernel patch or upgrade that includes these fixes will prevent use-after-free and resource access issues related to device removal.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-68371. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart