CVE-2025-38451
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
md/md-bitmap: fix GPF in bitmap_get_stats()
The commit message of commit 6ec1f0239485 ("md/md-bitmap: fix stats collection for external bitmaps") states:
Remove the external bitmap check as the statistics should be
available regardless of bitmap storage location.
Return -EINVAL only for invalid bitmap with no storage (neither in
superblock nor in external file).
But, the code does not adhere to the above, as it does only check for a valid super-block for "internal" bitmaps. Hence, we observe:
Oops: GPF, probably for non-canonical address 0x1cd66f1f40000028 RIP: 0010:bitmap_get_stats+0x45/0xd0 Call Trace:
seq_read_iter+0x2b9/0x46a seq_read+0x12f/0x180 proc_reg_read+0x57/0xb0 vfs_read+0xf6/0x380 ksys_read+0x6d/0xf0 do_syscall_64+0x8c/0x1b0 entry_SYSCALL_64_after_hwframe+0x76/0x7e
We fix this by checking the existence of a super-block for both the internal and external case.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 065f4b1cd41d03702426af44193894b925607073 < a23b16ba3274961494f5ad236345d238364349ff | affected |
| Linux | Linux | 0b5390aeaa85eb2f15e0e2ea0731c0995285db5e < 3d82a729530bd2110ba66e4a1f73461c776edec2 | affected |
| Linux | Linux | eeeba7f43ae27835718a5f5ad6552a8983e75201 < 3e0542701b37aa25b025d8531583458e4f014c2e | affected |
| Linux | Linux | 6ec1f0239485028445d213d91cfee5242f3211ba < a18f9b08c70e10ea3a897058fee8a4f3b4c146ec | affected |
| Linux | Linux | 6ec1f0239485028445d213d91cfee5242f3211ba < c17fb542dbd1db745c9feac15617056506dd7195 | affected |
| Linux | Linux | 896a6fbefc9050cf940ed57947eda6dc23aa58b0 | affected |
| Linux | Linux | 6.1.135 < 6.1.146 | affected |
| Linux | Linux | 6.6.88 < 6.6.99 | affected |
| Linux | Linux | 6.12.25 < 6.12.39 | affected |
| Linux | Linux | 6.14.4 < 6.15 | affected |
| Linux | Linux | 6.15 | affected |
| Linux | Linux | 0 < 6.15 | unaffected |
| Linux | Linux | 6.1.146 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.99 <= 6.6.* | unaffected |
| Linux | Linux | 6.12.39 <= 6.12.* | unaffected |
| Linux | Linux | 6.15.7 <= 6.15.* | unaffected |
| Linux | Linux | 6.16 <= * | unaffected |
Weaknesses
ADP Enrichment
CVE Program Container
Additional References
Additional References
References
- https://git.kernel.org/stable/c/a23b16ba3274961494f5ad236345d238364349ff
- https://git.kernel.org/stable/c/3d82a729530bd2110ba66e4a1f73461c776edec2
- https://git.kernel.org/stable/c/3e0542701b37aa25b025d8531583458e4f014c2e
- https://git.kernel.org/stable/c/a18f9b08c70e10ea3a897058fee8a4f3b4c146ec
- https://git.kernel.org/stable/c/c17fb542dbd1db745c9feac15617056506dd7195
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.