UFS Power Management Flaw in Linux Kernel Affecting Qualcomm Devices
CVE-2025-68236

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
16 December 2025

What is CVE-2025-68236?

A vulnerability has been identified in the Linux kernel's implementation of UFS (Universal Flash Storage) power management, specifically within the Qualcomm UFS controller. During the power shutdown sequence for UFS devices, the device firmware may trigger an excessive current draw that interacts improperly with the regulators. This can lead to overcurrent protection (OCP) faults if the power management sequence is not properly timed. To mitigate this issue, a delay of 10 milliseconds is introduced after the hardware reset assertion, ensuring that the power rails remain active until the reset routine completes. This fix aims to enhance the stability and reliability of UFS devices during shutdown procedures.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux b61d0414136853fc38898829cde837ce5d691a9a

Linux b61d0414136853fc38898829cde837ce5d691a9a < 5127be409c6c3815c4a7d8f6d88043e44f9b9543

Linux 82783759e88beee69b710806e45acbb2fc589801

References

https://git.kernel.org/stable/c/b712f234a74c1f5ce70b5d7ae...
https://git.kernel.org/stable/c/5127be409c6c3815c4a7d8f6d...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.