CVE-2024-46843

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-46843
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-46843.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-46843
Downstream
Related
Published
2024-09-27T12:39:37Z
Modified
2025-10-15T15:37:15.996246Z
Summary
scsi: ufs: core: Remove SCSI host only if added
Details

In the Linux kernel, the following vulnerability has been resolved:

scsi: ufs: core: Remove SCSI host only if added

If host tries to remove ufshcd driver from a UFS device it would cause a kernel panic if ufshcdasyncscan fails during ufshcdprobehba before adding a SCSI host with scsiaddhost and MCQ is enabled since SCSI host has been defered after MCQ configuration introduced by commit 0cab4023ec7b ("scsi: ufs: core: Defer adding host to SCSI if MCQ is supported").

To guarantee that SCSI host is removed only if it has been added, set the scsihostadded flag to true after adding a SCSI host and check whether it is set or not before removing it.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
0cab4023ec7b49b18145f74ab8389678d6d58878
Fixed
2f49e05d6b58d660f035a75ff96b77071b4bd5ed
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
0cab4023ec7b49b18145f74ab8389678d6d58878
Fixed
3844586e9bd9845140e1078f1e61896b576ac536
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
0cab4023ec7b49b18145f74ab8389678d6d58878
Fixed
7cbff570dbe8907e23bba06f6414899a0fbb2fcc

Affected versions

v6.*

v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.10.1
v6.10.2
v6.10.3
v6.10.4
v6.10.5
v6.10.6
v6.10.7
v6.10.8
v6.10.9
v6.2
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.3
v6.3-rc1
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.5
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.6.19
v6.6.2
v6.6.20
v6.6.21
v6.6.22
v6.6.23
v6.6.24
v6.6.25
v6.6.26
v6.6.27
v6.6.28
v6.6.29
v6.6.3
v6.6.30
v6.6.31
v6.6.32
v6.6.33
v6.6.34
v6.6.35
v6.6.36
v6.6.37
v6.6.38
v6.6.39
v6.6.4
v6.6.40
v6.6.41
v6.6.42
v6.6.43
v6.6.44
v6.6.45
v6.6.46
v6.6.47
v6.6.48
v6.6.49
v6.6.5
v6.6.50
v6.6.6
v6.6.7
v6.6.8
v6.6.9
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7

Database specific

{
    "vanir_signatures": [
        {
            "id": "CVE-2024-46843-07dac3c3",
            "signature_type": "Line",
            "target": {
                "file": "drivers/ufs/core/ufshcd.c"
            },
            "signature_version": "v1",
            "digest": {
                "line_hashes": [
                    "111546547245746906288789565155421553310",
                    "138083082231193833754291144100535772702",
                    "94493838131217671593983911562057346071",
                    "158352577355581753984159098542272980037",
                    "154717263137701410297681803541168901768",
                    "235952879257608377207039917540510518203",
                    "163179339581027475553906552443465079991",
                    "75216864321240538068760518094080836353",
                    "312562440971974443603299146341130338627",
                    "97973824213435725820053022752272003394",
                    "79786388409430833995873911721492563693",
                    "5373770484292972939131922527671526387"
                ],
                "threshold": 0.9
            },
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7cbff570dbe8907e23bba06f6414899a0fbb2fcc"
        },
        {
            "id": "CVE-2024-46843-3e4f31f4",
            "signature_type": "Function",
            "target": {
                "file": "drivers/ufs/core/ufshcd.c",
                "function": "ufshcd_init"
            },
            "signature_version": "v1",
            "digest": {
                "length": 4376.0,
                "function_hash": "204407945477086122848811841392466438640"
            },
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2f49e05d6b58d660f035a75ff96b77071b4bd5ed"
        },
        {
            "id": "CVE-2024-46843-6374b0f0",
            "signature_type": "Function",
            "target": {
                "file": "drivers/ufs/core/ufshcd.c",
                "function": "ufshcd_remove"
            },
            "signature_version": "v1",
            "digest": {
                "length": 378.0,
                "function_hash": "116750285680960752662983629366288287627"
            },
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7cbff570dbe8907e23bba06f6414899a0fbb2fcc"
        },
        {
            "id": "CVE-2024-46843-8e71c822",
            "signature_type": "Function",
            "target": {
                "file": "drivers/ufs/core/ufshcd.c",
                "function": "ufshcd_init"
            },
            "signature_version": "v1",
            "digest": {
                "length": 4400.0,
                "function_hash": "58320422025605538584985804863263495670"
            },
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7cbff570dbe8907e23bba06f6414899a0fbb2fcc"
        },
        {
            "id": "CVE-2024-46843-92b550ee",
            "signature_type": "Function",
            "target": {
                "file": "drivers/ufs/core/ufshcd.c",
                "function": "ufshcd_remove"
            },
            "signature_version": "v1",
            "digest": {
                "length": 378.0,
                "function_hash": "116750285680960752662983629366288287627"
            },
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2f49e05d6b58d660f035a75ff96b77071b4bd5ed"
        },
        {
            "id": "CVE-2024-46843-dc08c356",
            "signature_type": "Line",
            "target": {
                "file": "drivers/ufs/core/ufshcd.c"
            },
            "signature_version": "v1",
            "digest": {
                "line_hashes": [
                    "111546547245746906288789565155421553310",
                    "138083082231193833754291144100535772702",
                    "94493838131217671593983911562057346071",
                    "158352577355581753984159098542272980037",
                    "154717263137701410297681803541168901768",
                    "235952879257608377207039917540510518203",
                    "163179339581027475553906552443465079991",
                    "75216864321240538068760518094080836353",
                    "312562440971974443603299146341130338627",
                    "97973824213435725820053022752272003394",
                    "79786388409430833995873911721492563693",
                    "5373770484292972939131922527671526387"
                ],
                "threshold": 0.9
            },
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2f49e05d6b58d660f035a75ff96b77071b4bd5ed"
        }
    ]
}

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.3.0
Fixed
6.6.51
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.10.10