In the Linux kernel, the following vulnerability has been resolved: md raid: fix hang when...
🔗 CVE IDs covered (1)
📋 Description
In the Linux kernel, the following vulnerability has been resolved:
md raid: fix hang when stopping arrays with metadata through dm-raid
When using device-mapper's dm-raid target, stopping a RAID array can cause the system to hang under specific conditions.
This occurs when:
-
A dm-raid managed device tree is suspended from top to bottom (the top-level RAID device is suspended first, followed by its underlying metadata and data devices)
-
The top-level RAID device is then removed
Removing the top-level device triggers a hang in the following sequence: the dm-raid destructor calls md_stop(), which tries to flush the write-intent bitmap by writing to the metadata sub-devices. However, these devices are already suspended, making them unable to complete the write-intent operations and causing an indefinite block.
Fix:
-
Prevent bitmap flushing when md_stop() is called from dm-raid destructor context and avoid a quiescing/unquescing cycle which could also cause I/O
-
Still allow write-intent bitmap flushing when called from dm-raid suspend context
This ensures that RAID array teardown can complete successfully even when the underlying devices are in a suspended state.
This second patch uses md_is_rdwr() to distinguish between suspend and destructor paths as elaborated on above.
🔗 References (5)
- https://nvd.nist.gov/vuln/detail/CVE-2026-43309
- https://git.kernel.org/stable/c/24783dd06de870d646c25207bae186f78195f912
- https://git.kernel.org/stable/c/338378dfffbdbb8d37a18f0a0c0358812671f91e
- https://git.kernel.org/stable/c/cefcb9297fbdb6d94b61787b4f8d84f55b741470
- https://github.com/advisories/GHSA-v56g-44rc-67wq