The Serial Attached SCSI implementation in the Linux kernel through 4.15.9 mishandles a mutex within libsas, which allows local users to cause a denial of service by triggering certain error-handling code.