In the Linux kernel, the following vulnerability has been resolved:
md/md-bitmap: fix incorrect usage for sb_index
Commit d7038f951828 ("md-bitmap: don't use ->index for pages backing the bitmap file") removed page->index from bitmap code, but left wrong code logic for clustered-md. current code never set slot offset for cluster nodes, will sometimes cause crash in clustered env.
Call trace (partly): mdbitmapfilesetbit+0x110/0x1d8 [mdmod] mdbitmapstartwrite+0x13c/0x240 [mdmod] raid1makerequest+0x6b0/0x1c08 [raid1] mdhandlerequest+0x1dc/0x368 [mdmod] mdsubmitbio+0x80/0xf8 [mdmod] _submitbio+0x178/0x300 submitbionoacctnocheck+0x11c/0x338 submitbionoacct+0x134/0x614 submitbio+0x28/0xdc submitbhwbc+0x130/0x1cc submit_bh+0x1c/0x28
[
{
"target": {
"function": "md_bitmap_file_set_bit",
"file": "drivers/md/md-bitmap.c"
},
"id": "CVE-2024-35787-078a2439",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@736ad6c577a367834118f57417038d45bb5e0a31",
"digest": {
"function_hash": "179770903664361641688184110759696728189",
"length": 738.0
}
},
{
"target": {
"file": "drivers/md/md-bitmap.c"
},
"id": "CVE-2024-35787-0a3ac997",
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@736ad6c577a367834118f57417038d45bb5e0a31",
"digest": {
"line_hashes": [
"325523765181253623482009608797722057312",
"315074142979760923359421214896959495428",
"73056798449557510066390674911930211489",
"244250147663891721859106973964964675184",
"66936966217010519901862403990714603294",
"125639195696010524172311253183073384048",
"176418652032912730183544651551585236513",
"250583269779256269437063039973019584379",
"145441696839011024335901429327087679925",
"51645414971514239097672764785806698974",
"300579966987785382970809114562223514622",
"75294853918284677194624306842416639794",
"51645414971514239097672764785806698974",
"300579966987785382970809114562223514622",
"75294853918284677194624306842416639794"
],
"threshold": 0.9
}
},
{
"target": {
"function": "md_bitmap_file_clear_bit",
"file": "drivers/md/md-bitmap.c"
},
"id": "CVE-2024-35787-1d56b04a",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ecbd8ebb51bf7e4939d83b9e6022a55cac44ef06",
"digest": {
"function_hash": "301784616227449775238184427449872864363",
"length": 775.0
}
},
{
"target": {
"function": "__write_sb_page",
"file": "drivers/md/md-bitmap.c"
},
"id": "CVE-2024-35787-3fb14d87",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@736ad6c577a367834118f57417038d45bb5e0a31",
"digest": {
"function_hash": "184704553579049011443737404739168277982",
"length": 1202.0
}
},
{
"target": {
"function": "__write_sb_page",
"file": "drivers/md/md-bitmap.c"
},
"id": "CVE-2024-35787-4f3a2a11",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ecbd8ebb51bf7e4939d83b9e6022a55cac44ef06",
"digest": {
"function_hash": "184704553579049011443737404739168277982",
"length": 1202.0
}
},
{
"target": {
"function": "md_bitmap_file_clear_bit",
"file": "drivers/md/md-bitmap.c"
},
"id": "CVE-2024-35787-7481753c",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5a95815b17428ce2f56ec18da5e0d1b2a1a15240",
"digest": {
"function_hash": "301784616227449775238184427449872864363",
"length": 775.0
}
},
{
"target": {
"function": "md_bitmap_file_clear_bit",
"file": "drivers/md/md-bitmap.c"
},
"id": "CVE-2024-35787-75468f53",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@736ad6c577a367834118f57417038d45bb5e0a31",
"digest": {
"function_hash": "301784616227449775238184427449872864363",
"length": 775.0
}
},
{
"target": {
"function": "filemap_write_page",
"file": "drivers/md/md-bitmap.c"
},
"id": "CVE-2024-35787-777dac75",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@736ad6c577a367834118f57417038d45bb5e0a31",
"digest": {
"function_hash": "287717978023133228361705104237439247516",
"length": 370.0
}
},
{
"target": {
"function": "md_bitmap_file_set_bit",
"file": "drivers/md/md-bitmap.c"
},
"id": "CVE-2024-35787-8be49ecc",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ecbd8ebb51bf7e4939d83b9e6022a55cac44ef06",
"digest": {
"function_hash": "179770903664361641688184110759696728189",
"length": 738.0
}
},
{
"target": {
"file": "drivers/md/md-bitmap.c"
},
"id": "CVE-2024-35787-9502cf5c",
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@55e55eb65fd5e09faf5a0e49ffcdd37905aaf4da",
"digest": {
"line_hashes": [
"325523765181253623482009608797722057312",
"315074142979760923359421214896959495428",
"73056798449557510066390674911930211489",
"244250147663891721859106973964964675184",
"66936966217010519901862403990714603294",
"125639195696010524172311253183073384048",
"176418652032912730183544651551585236513",
"250583269779256269437063039973019584379",
"145441696839011024335901429327087679925",
"51645414971514239097672764785806698974",
"300579966987785382970809114562223514622",
"75294853918284677194624306842416639794",
"51645414971514239097672764785806698974",
"300579966987785382970809114562223514622",
"75294853918284677194624306842416639794"
],
"threshold": 0.9
}
},
{
"target": {
"file": "drivers/md/md-bitmap.c"
},
"id": "CVE-2024-35787-bd75d83b",
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5a95815b17428ce2f56ec18da5e0d1b2a1a15240",
"digest": {
"line_hashes": [
"325523765181253623482009608797722057312",
"315074142979760923359421214896959495428",
"73056798449557510066390674911930211489",
"244250147663891721859106973964964675184",
"66936966217010519901862403990714603294",
"125639195696010524172311253183073384048",
"176418652032912730183544651551585236513",
"250583269779256269437063039973019584379",
"145441696839011024335901429327087679925",
"51645414971514239097672764785806698974",
"300579966987785382970809114562223514622",
"75294853918284677194624306842416639794",
"51645414971514239097672764785806698974",
"300579966987785382970809114562223514622",
"75294853918284677194624306842416639794"
],
"threshold": 0.9
}
},
{
"target": {
"function": "filemap_write_page",
"file": "drivers/md/md-bitmap.c"
},
"id": "CVE-2024-35787-ce1333a7",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ecbd8ebb51bf7e4939d83b9e6022a55cac44ef06",
"digest": {
"function_hash": "287717978023133228361705104237439247516",
"length": 370.0
}
},
{
"target": {
"function": "filemap_write_page",
"file": "drivers/md/md-bitmap.c"
},
"id": "CVE-2024-35787-d4710f94",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5a95815b17428ce2f56ec18da5e0d1b2a1a15240",
"digest": {
"function_hash": "287717978023133228361705104237439247516",
"length": 370.0
}
},
{
"target": {
"function": "__write_sb_page",
"file": "drivers/md/md-bitmap.c"
},
"id": "CVE-2024-35787-d89b47cf",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@55e55eb65fd5e09faf5a0e49ffcdd37905aaf4da",
"digest": {
"function_hash": "184704553579049011443737404739168277982",
"length": 1202.0
}
},
{
"target": {
"function": "filemap_write_page",
"file": "drivers/md/md-bitmap.c"
},
"id": "CVE-2024-35787-dea5ef85",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@55e55eb65fd5e09faf5a0e49ffcdd37905aaf4da",
"digest": {
"function_hash": "287717978023133228361705104237439247516",
"length": 370.0
}
},
{
"target": {
"function": "md_bitmap_file_clear_bit",
"file": "drivers/md/md-bitmap.c"
},
"id": "CVE-2024-35787-e1a31cdf",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@55e55eb65fd5e09faf5a0e49ffcdd37905aaf4da",
"digest": {
"function_hash": "301784616227449775238184427449872864363",
"length": 775.0
}
},
{
"target": {
"function": "__write_sb_page",
"file": "drivers/md/md-bitmap.c"
},
"id": "CVE-2024-35787-e225a504",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5a95815b17428ce2f56ec18da5e0d1b2a1a15240",
"digest": {
"function_hash": "184704553579049011443737404739168277982",
"length": 1202.0
}
},
{
"target": {
"function": "md_bitmap_file_set_bit",
"file": "drivers/md/md-bitmap.c"
},
"id": "CVE-2024-35787-f0fa1e28",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5a95815b17428ce2f56ec18da5e0d1b2a1a15240",
"digest": {
"function_hash": "179770903664361641688184110759696728189",
"length": 738.0
}
},
{
"target": {
"file": "drivers/md/md-bitmap.c"
},
"id": "CVE-2024-35787-f7753b69",
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ecbd8ebb51bf7e4939d83b9e6022a55cac44ef06",
"digest": {
"line_hashes": [
"325523765181253623482009608797722057312",
"315074142979760923359421214896959495428",
"73056798449557510066390674911930211489",
"244250147663891721859106973964964675184",
"66936966217010519901862403990714603294",
"125639195696010524172311253183073384048",
"176418652032912730183544651551585236513",
"250583269779256269437063039973019584379",
"145441696839011024335901429327087679925",
"51645414971514239097672764785806698974",
"300579966987785382970809114562223514622",
"75294853918284677194624306842416639794",
"51645414971514239097672764785806698974",
"300579966987785382970809114562223514622",
"75294853918284677194624306842416639794"
],
"threshold": 0.9
}
},
{
"target": {
"function": "md_bitmap_file_set_bit",
"file": "drivers/md/md-bitmap.c"
},
"id": "CVE-2024-35787-f940d4cd",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@55e55eb65fd5e09faf5a0e49ffcdd37905aaf4da",
"digest": {
"function_hash": "179770903664361641688184110759696728189",
"length": 738.0
}
}
]