ghsa-5xh2-79x5-2x6c
Vulnerability from github
Published
2024-05-17 15:31
Modified
2024-05-17 15:31
Details

In the Linux kernel, the following vulnerability has been resolved:

md/md-bitmap: fix incorrect usage for sb_index

Commit d7038f951828 ("md-bitmap: don't use ->index for pages backing the bitmap file") removed page->index from bitmap code, but left wrong code logic for clustered-md. current code never set slot offset for cluster nodes, will sometimes cause crash in clustered env.

Call trace (partly): md_bitmap_file_set_bit+0x110/0x1d8 [md_mod] md_bitmap_startwrite+0x13c/0x240 [md_mod] raid1_make_request+0x6b0/0x1c08 [raid1] md_handle_request+0x1dc/0x368 [md_mod] md_submit_bio+0x80/0xf8 [md_mod] __submit_bio+0x178/0x300 submit_bio_noacct_nocheck+0x11c/0x338 submit_bio_noacct+0x134/0x614 submit_bio+0x28/0xdc submit_bh_wbc+0x130/0x1cc submit_bh+0x1c/0x28

Show details on source website

To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2024-35787"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-17T13:15:58Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/md-bitmap: fix incorrect usage for sb_index\n\nCommit d7038f951828 (\"md-bitmap: don\u0027t use -\u003eindex for pages backing the\nbitmap file\") removed page-\u003eindex from bitmap code, but left wrong code\nlogic for clustered-md. current code never set slot offset for cluster\nnodes, will sometimes cause crash in clustered env.\n\nCall trace (partly):\n md_bitmap_file_set_bit+0x110/0x1d8 [md_mod]\n md_bitmap_startwrite+0x13c/0x240 [md_mod]\n raid1_make_request+0x6b0/0x1c08 [raid1]\n md_handle_request+0x1dc/0x368 [md_mod]\n md_submit_bio+0x80/0xf8 [md_mod]\n __submit_bio+0x178/0x300\n submit_bio_noacct_nocheck+0x11c/0x338\n submit_bio_noacct+0x134/0x614\n submit_bio+0x28/0xdc\n submit_bh_wbc+0x130/0x1cc\n submit_bh+0x1c/0x28",
  "id": "GHSA-5xh2-79x5-2x6c",
  "modified": "2024-05-17T15:31:08Z",
  "published": "2024-05-17T15:31:08Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35787"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/55e55eb65fd5e09faf5a0e49ffcdd37905aaf4da"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5a95815b17428ce2f56ec18da5e0d1b2a1a15240"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/736ad6c577a367834118f57417038d45bb5e0a31"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ecbd8ebb51bf7e4939d83b9e6022a55cac44ef06"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.