CVE-2025-68224

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A regression was introduced in the Linux kernel due to a commit (995412e23bb2) related to SCSI core functionality and tag iterators. This regression is triggered by the scsi host busy() function. The issue arises because the SCSI host tag set is checked for initialization within scsi host busy(). The fix ensures that scsi host busy() verifies whether the SCSI host tag set has been initialized before proceeding. This fix is based on the assumption that calls to scsi host busy() and scsi mq setup tags() are serialized, which is the case in the UFS driver. The commit message for a related issue, CVE-2025-68224, explicitly identifies the commit that introduced the regression.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.