Linux Kernel Vulnerability in UFS Driver for Google gs101
CVE-2025-39788
What is CVE-2025-39788?
A vulnerability has been identified in the Linux kernel affecting the UFS driver on Google gs101. This issue arises from the incorrect programming of the UTRL_NEXUS_TYPE due to improper shift operations. The driver attempts to set the number of UTP transfer request slots incorrectly by shifting the value of 1, which leads to undefined behavior as the shift exceeds the width of the integer type. The flaw has been addressed by employing the BIT() macro for proper type casting, ensuring that the value written to UTRL_NEXUS_TYPE is correct (0xffffffff on gs101). This fix also resolves a UBSAN shift warning related to out-of-bounds shifts, contributing to the stability and security of the system.
Affected Version(s)
Linux 55f4b1f73631a0817717fe6e98517de51b4c3527 < 01510a9e8222f11cce064410f3c2fcf0756c0a08
Linux 55f4b1f73631a0817717fe6e98517de51b4c3527 < 098b2c8ee208c77126839047b9e6e1925bb35baa
Linux 55f4b1f73631a0817717fe6e98517de51b4c3527