CVE-2024-35787

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-35787
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-35787.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-35787
Downstream
Published
2024-05-17T12:24:35.137Z
Modified
2025-11-30T20:57:22.718744Z
Summary
md/md-bitmap: fix incorrect usage for sb_index
Details

In the Linux kernel, the following vulnerability has been resolved:

md/md-bitmap: fix incorrect usage for sb_index

Commit d7038f951828 ("md-bitmap: don't use ->index for pages backing the bitmap file") removed page->index from bitmap code, but left wrong code logic for clustered-md. current code never set slot offset for cluster nodes, will sometimes cause crash in clustered env.

Call trace (partly): mdbitmapfilesetbit+0x110/0x1d8 [mdmod] mdbitmapstartwrite+0x13c/0x240 [mdmod] raid1makerequest+0x6b0/0x1c08 [raid1] mdhandlerequest+0x1dc/0x368 [mdmod] mdsubmitbio+0x80/0xf8 [mdmod] _submitbio+0x178/0x300 submitbionoacctnocheck+0x11c/0x338 submitbionoacct+0x134/0x614 submitbio+0x28/0xdc submitbhwbc+0x130/0x1cc submit_bh+0x1c/0x28

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/35xxx/CVE-2024-35787.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
d7038f951828da19fa9aafddfa087b69032c9687
Fixed
736ad6c577a367834118f57417038d45bb5e0a31
Fixed
55e55eb65fd5e09faf5a0e49ffcdd37905aaf4da
Fixed
5a95815b17428ce2f56ec18da5e0d1b2a1a15240
Fixed
ecbd8ebb51bf7e4939d83b9e6022a55cac44ef06

Affected versions

v6.*

v6.5
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.6.19
v6.6.2
v6.6.20
v6.6.21
v6.6.22
v6.6.23
v6.6.3
v6.6.4
v6.6.5
v6.6.6
v6.6.7
v6.6.8
v6.6.9
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.7.1
v6.7.10
v6.7.11
v6.7.2
v6.7.3
v6.7.4
v6.7.5
v6.7.6
v6.7.7
v6.7.8
v6.7.9
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.8.1
v6.8.2

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-35787.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.6.0
Fixed
6.6.24
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.7.12
Type
ECOSYSTEM
Events
Introduced
6.8.0
Fixed
6.8.3

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-35787.json"