CVE-2025-39788

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> scsi: ufs: exynos: Fix programming of HCI_UTRL_NEXUS_TYPE<br /> <br /> On Google gs101, the number of UTP transfer request slots (nutrs) is 32,<br /> and in this case the driver ends up programming the UTRL_NEXUS_TYPE<br /> incorrectly as 0.<br /> <br /> This is because the left hand side of the shift is 1, which is of type<br /> int, i.e. 31 bits wide. Shifting by more than that width results in<br /> undefined behaviour.<br /> <br /> Fix this by switching to the BIT() macro, which applies correct type<br /> casting as required. This ensures the correct value is written to<br /> UTRL_NEXUS_TYPE (0xffffffff on gs101), and it also fixes a UBSAN shift<br /> warning:<br /> <br /> UBSAN: shift-out-of-bounds in drivers/ufs/host/ufs-exynos.c:1113:21<br /> shift exponent 32 is too large for 32-bit type &amp;#39;int&amp;#39;<br /> <br /> For consistency, apply the same change to the nutmrs / UTMRL_NEXUS_TYPE<br /> write.