You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
ufs driver
About this tag
The ufs driver tag covers discussions about the Universal Flash Storage (UFS) driver in the Linux kernel, with a focus on security vulnerabilities and bug fixes. Recent threads detail two CVEs: CVE-2023-53387, a use-after-free bug in the UFS host controller driver that could cause kernel panics during error handling, and CVE-2025-37826, a missing NULL check in the UFS SCSI stack. Both issues have been patched in upstream Linux. The content also references Microsoft's Azure Linux as a potentially affected product. These threads are relevant for developers, system administrators, and IT professionals managing Linux systems with UFS storage, particularly on ARM-based mobile and embedded devices.
A subtle but dangerous bug in the Linux UFS driver — tracked as CVE-2023-53387 — has been quietly fixed in upstream kernel code after a stack-allocated completion structure could be referenced after its lifetime, causing hard kernel panics during UFS error handling. The flaw stems from the UFS...
The Linux kernel fix tracked as CVE-2025-37826 corrects a missing NULL check in the UFS SCSI stack (ufshcd_mcq_compl_pending_transfer), and Microsoft’s public advisory notes that Azure Linux includes the open-source component and is therefore potentially affected — but that wording is a...