CVE-2025-68316

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix invalid probe error return value After DME Link Startup, the error return value is set to the MIPI UniPro GenericErrorCode which can be 0 (SUCCESS) or 1 (FAILURE). Upon failure during driver probe, the error code 1 is propagated back to the driver probe function which must return a negative value to indicate an error, but 1 is not negative, so the probe is considered to be successful even though it failed. Subsequently, removing the driver results in an oops because it is not in a valid state. This happens because none of the callers of ufshcd_init() expect a non-negative error code. Fix the return value and documentation to match actual usage.

References

• https://git.kernel.org/stable/c/a2b32bc1d9e359a9f90d0de6af16699facb10935
• https://git.kernel.org/stable/c/df96dbe1af7f6591c09f862f1226d3619b07e1b6

FAQ

What is CVE-2025-68316?

CVE-2025-68316 is a documented vulnerability. In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix invalid probe error return value After DME Link Startup, the error return value is set to the MIPI UniPro Gen...

How severe is CVE-2025-68316?

CVSS scoring is not yet available for CVE-2025-68316. Check NVD for updates.

Is there a patch for CVE-2025-68316?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.