CVE-2025-71135

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-71135
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-71135.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-71135
Downstream
Related
Published
2026-01-14T15:07:49.891Z
Modified
2026-05-18T05:59:41.480926840Z
Summary
md/raid5: fix possible null-pointer dereferences in raid5_store_group_thread_cnt()
Details

In the Linux kernel, the following vulnerability has been resolved:

md/raid5: fix possible null-pointer dereferences in raid5storegroupthreadcnt()

The variable mddev->private is first assigned to conf and then checked:

conf = mddev->private; if (!conf) ...

If conf is NULL, then mddev->private is also NULL. In this case, null-pointer dereferences can occur when calling raid5_quiesce():

raid5quiesce(mddev, true); raid5quiesce(mddev, false);

since mddev->private is assigned to conf again in raid5_quiesce(), and conf is dereferenced in several places, for example:

conf->quiesce = 0; wakeup(&conf->waitfor_quiescent);

To fix this issue, the function should unlock mddev and return before invoking raid5quiesce() when conf is NULL, following the existing pattern in raid5changeconsistencypolicy().

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/71xxx/CVE-2025-71135.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
be19e6e4339d1579d5f2fae8ce4facf9521dbbfc
Fixed
20597b7229aea8b5bc45cd92097640257c7fc33b
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
fa1944bbe6220eb929e2c02e5e8706b908565711
Fixed
e5abb6af905de6b2fead8a0b3f32ab0b81468a01
Fixed
7ad6ef91d8745d04aff9cce7bdbc6320d8e05fe9

Affected versions

v6.*
v6.12.10
v6.12.11
v6.12.12
v6.12.13
v6.12.14
v6.12.15
v6.12.16
v6.12.17
v6.12.18
v6.12.19
v6.12.20
v6.12.21
v6.12.22
v6.12.23
v6.12.24
v6.12.25
v6.12.26
v6.12.27
v6.12.28
v6.12.29
v6.12.30
v6.12.31
v6.12.32
v6.12.33
v6.12.34
v6.12.35
v6.12.36
v6.12.37
v6.12.38
v6.12.39
v6.12.4
v6.12.40
v6.12.41
v6.12.42
v6.12.43
v6.12.44
v6.12.45
v6.12.46
v6.12.47
v6.12.48
v6.12.49
v6.12.5
v6.12.50
v6.12.51
v6.12.52
v6.12.53
v6.12.54
v6.12.55
v6.12.56
v6.12.57
v6.12.58
v6.12.59
v6.12.6
v6.12.60
v6.12.61
v6.12.62
v6.12.63
v6.12.7
v6.12.8
v6.12.9

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-71135.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.12.64
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.4

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-71135.json"