CVE-2024-46843

Updated: 2026-02-27 02:26:47.992357

Description:

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Remove SCSI host only if added If host tries to remove ufshcd driver from a UFS device it would cause a kernel panic if ufshcd_async_scan fails during ufshcd_probe_hba before adding a SCSI host with scsi_add_host and MCQ is enabled since SCSI host has been defered after MCQ configuration introduced by commit 0cab4023ec7b ("scsi: ufs: core: Defer adding host to SCSI if MCQ is supported"). To guarantee that SCSI host is removed only if it has been added, set the scsi_host_added flag to true after adding a SCSI host and check whether it is set or not before removing it.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0.0
CVSS Version 3.x MEDIUM 5.5

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement
AlmaLinux 9.2 ESU kernel 5.14.0 5.5 MEDIUM Ignored 2024-10-16 23:53:08 This issue is confined to the UFS SCSI host driver and only leads to a denial of service (kernel pan...
CentOS 6 ELS kernel 2.6.32 5.5 MEDIUM Ignored 2024-10-16 23:53:08 Ignored due to low severity
CentOS 7 ELS kernel 3.10.0 5.5 MEDIUM Ignored 2024-10-16 23:53:06 Ignored due to low severity
CentOS 8.4 ELS kernel 4.18.0 5.5 MEDIUM Ignored 2024-10-16 23:53:06 Ignored due to low severity
CentOS 8.5 ELS kernel 4.18.0 5.5 MEDIUM Ignored 2024-10-16 23:53:07 Ignored due to low severity
CentOS Stream 8 ELS kernel 4.18.0 5.5 MEDIUM Ignored 2024-10-16 23:53:05 Ignored due to low severity
CloudLinux 6 ELS kernel 2.6.32 5.5 MEDIUM Ignored 2024-10-16 23:53:08 Ignored due to low severity
CloudLinux 7 ELS kernel 3.10.0 5.5 MEDIUM Ignored 2024-10-16 23:53:05 Ignored due to low severity
Oracle Linux 6 ELS kernel 2.6.32 5.5 MEDIUM Ignored 2024-10-16 23:53:06 Ignored due to low severity
Oracle Linux 7 ELS kernel 3.10.0 5.5 MEDIUM Ignored 2024-12-03 12:09:16 Ignored due to low severity
Total: 14