fkie_cve-2025-22124
Vulnerability from fkie_nvd
Published
2025-04-16 15:16
Modified
2025-04-17 20:22
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: md/md-bitmap: fix wrong bitmap_limit for clustermd when write sb In clustermd, separate write-intent-bitmaps are used for each cluster node: 0 4k 8k 12k ------------------------------------------------------------------- | idle | md super | bm super [0] + bits | | bm bits[0, contd] | bm super[1] + bits | bm bits[1, contd] | | bm super[2] + bits | bm bits [2, contd] | bm super[3] + bits | | bm bits [3, contd] | | | So in node 1, pg_index in __write_sb_page() could equal to bitmap->storage.file_pages. Then bitmap_limit will be calculated to 0. md_super_write() will be called with 0 size. That means the first 4k sb area of node 1 will never be updated through filemap_write_page(). This bug causes hang of mdadm/clustermd_tests/01r1_Grow_resize. Here use (pg_index % bitmap->storage.file_pages) to make calculation of bitmap_limit correct.
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/6130825f34d41718c98a9b1504a79a23e379701e
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/bc3a9788961631359527763d7e1fcf26554c7cb1
Impacted products
Vendor Product Version


To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/md-bitmap: fix wrong bitmap_limit for clustermd when write sb\n\nIn clustermd, separate write-intent-bitmaps are used for each cluster\nnode:\n\n0                    4k                     8k                    12k\n-------------------------------------------------------------------\n| idle                | md super            | bm super [0] + bits |\n| bm bits[0, contd]   | bm super[1] + bits  | bm bits[1, contd]   |\n| bm super[2] + bits  | bm bits [2, contd]  | bm super[3] + bits  |\n| bm bits [3, contd]  |                     |                     |\n\nSo in node 1, pg_index in __write_sb_page() could equal to\nbitmap-\u003estorage.file_pages. Then bitmap_limit will be calculated to\n0. md_super_write() will be called with 0 size.\nThat means the first 4k sb area of node 1 will never be updated\nthrough filemap_write_page().\nThis bug causes hang of mdadm/clustermd_tests/01r1_Grow_resize.\n\nHere use (pg_index % bitmap-\u003estorage.file_pages) to make calculation\nof bitmap_limit correct."
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: md/md-bitmap: corrige bitmap_limit incorrecto para clustermd al escribir sb En clustermd, se usan mapas de bits de intenci\u00f3n de escritura separados para cada nodo del cl\u00faster: 0 4k 8k 12k ------------------------------------------------------------------- | idle | md super | bm super [0] + bits | | bm bits[0, contd] | bm super[1] + bits | bm bits[1, contd] | | bm super[2] + bits | bm bits [2, contd] | bm super[3] + bits | | bm bits [3, contd] | | | Entonces, en el nodo 1, pg_index en __write_sb_page() podr\u00eda ser igual a bitmap-\u0026gt;storage.file_pages. Entonces, bitmap_limit se calcular\u00e1 como 0. md_super_write() se llamar\u00e1 con un tama\u00f1o de 0. Esto significa que la primera \u00e1rea de 4k del nodo 1 nunca se actualizar\u00e1 mediante filemap_write_page(). Este error provoca el bloqueo de mdadm/clustermd_tests/01r1_Grow_resize. En este caso, utilice (pg_index % bitmap-\u0026gt;storage.file_pages) para que el c\u00e1lculo de bitmap_limit sea correcto."
    }
  ],
  "id": "CVE-2025-22124",
  "lastModified": "2025-04-17T20:22:16.240",
  "metrics": {},
  "published": "2025-04-16T15:16:06.540",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/6130825f34d41718c98a9b1504a79a23e379701e"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/bc3a9788961631359527763d7e1fcf26554c7cb1"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.