Home

Description

In the Linux kernel, the following vulnerability has been resolved: scsi: Revert "scsi: core: Do not increase scsi_device's iorequest_cnt if dispatch failed" The "atomic_inc(&cmd->device->iorequest_cnt)" in scsi_queue_rq() would cause kernel panic because cmd->device may be freed after returning from scsi_dispatch_cmd(). This reverts commit cfee29ffb45b1c9798011b19d454637d1b0fe87d.

PUBLISHED Reserved 2025-10-04 | Published 2025-10-04 | Updated 2025-10-04 | Assigner Linux

Product status

Default status
unaffected

cfee29ffb45b1c9798011b19d454637d1b0fe87d before 35fe6fa57b994e7da222893adf0bb748d6055e73
affected

cfee29ffb45b1c9798011b19d454637d1b0fe87d before 6ca9818d1624e136a76ae8faedb6b6c95ca66903
affected

Default status
affected

6.2
affected

Any version before 6.2
unaffected

6.3.4
unaffected

6.4
unaffected

References

git.kernel.org/...c/35fe6fa57b994e7da222893adf0bb748d6055e73

git.kernel.org/...c/6ca9818d1624e136a76ae8faedb6b6c95ca66903

cve.org (CVE-2023-53609)

nvd.nist.gov (CVE-2023-53609)

Download JSON