CVE-2025-21656

In the Linux kernel, the following vulnerability has been resolved: hwmon: (drivetemp) Fix driver producing garbage data when SCSI errors occur scsi_execute_cmd() function can return both negative (linux codes) and positive (scsi_cmnd result field) error codes. Currently the driver just passes error codes of scsi_execute_cmd() to hwmon core, which is incorrect because hwmon only checks for negative error codes. This leads to hwmon reporting uninitialized data to userspace in case of SCSI errors (for example if the disk drive was disconnected). This patch checks scsi_execute_cmd() output and returns -EIO if it's error code is positive. [groeck: Avoid inline variable declaration for portability]

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/42268d885e44af875a6474f7bba519cc6cea6a9d	Patch
https://git.kernel.org/stable/c/53e25b10a28edaf8c2a1d3916fd8929501a50dfc	Patch
https://git.kernel.org/stable/c/82163d63ae7a4c36142cd252388737205bb7e4b9	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc4::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc5::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc6::::::

History

26 Sep 2025, 16:21

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
First Time		Linux Linux linux Kernel
CPE		cpe:2.3:o:linux:linux_kernel:6.13:rc4:::::: cpe:2.3:o:linux:linux_kernel:6.13:rc1:::::: cpe:2.3:o:linux:linux_kernel:6.13:rc2:::::: cpe:2.3:o:linux:linux_kernel:6.13:rc3:::::: cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.13:rc5:::::: cpe:2.3:o:linux:linux_kernel:6.13:rc6::::::
Summary		(es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: hwmon: (drivetemp) Se soluciona que el controlador produzca datos basura cuando se producen errores SCSI. La función scsi_execute_cmd() puede devolver códigos de error negativos (códigos de Linux) y positivos (campo de resultado scsi_cmnd). Actualmente, el controlador solo pasa los códigos de error de scsi_execute_cmd() al núcleo de hwmon, lo que es incorrecto porque hwmon solo verifica los códigos de error negativos. Esto hace que hwmon informe datos no inicializados al espacio de usuario en caso de errores SCSI (por ejemplo, si la unidad de disco se desconectó). Este parche verifica la salida de scsi_execute_cmd() y devuelve -EIO si su código de error es positivo. [groeck: Evite la declaración de variables en línea para la portabilidad]
CWE		NVD-CWE-noinfo
References	~~() https://git.kernel.org/stable/c/42268d885e44af875a6474f7bba519cc6cea6a9d -~~	() https://git.kernel.org/stable/c/42268d885e44af875a6474f7bba519cc6cea6a9d - Patch
References	~~() https://git.kernel.org/stable/c/53e25b10a28edaf8c2a1d3916fd8929501a50dfc -~~	() https://git.kernel.org/stable/c/53e25b10a28edaf8c2a1d3916fd8929501a50dfc - Patch
References	~~() https://git.kernel.org/stable/c/82163d63ae7a4c36142cd252388737205bb7e4b9 -~~	() https://git.kernel.org/stable/c/82163d63ae7a4c36142cd252388737205bb7e4b9 - Patch

21 Jan 2025, 13:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-01-21 13:15

Updated : 2025-09-26 16:21

NVD link : CVE-2025-21656

Mitre link : CVE-2025-21656

CVE.ORG link : CVE-2025-21656

JSON object : View

Products Affected

linux

linux_kernel

CWE

NVD-CWE-noinfo

5.5 /10