Critical Vulnerability Information Vulnerability Type: use-after-free (UAF) Affected Component: in the Marvell SAS/SATA controller driver ( ) Issue Description: - When the controller disconnects, the original code calls in to cancel the delayed work item . - If is already running, may fail to cancel it, leading to continuing to execute after has been freed in . This results in an attempt to access the already-freed , causing a UAF vulnerability. Fix: - Replace with to ensure the delayed work item is properly canceled, and any currently executing delayed work completes before is freed. Discovery Method: Static Analysis Related Commits: - Fixing Commit: - Current Commit: Author and Submitter: - Author: Duoming Zhou () - Submitter: Greg Kroah-Hartman ()