-
CVE-2025-68373
- EPSS 0.03%
- Veröffentlicht 24.12.2025 10:33:03
- Zuletzt bearbeitet 15.04.2026 00:35:42
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
md: avoid repeated calls to del_gendisk
In the Linux kernel, the following vulnerability has been resolved: md: avoid repeated calls to del_gendisk There is a uaf problem which is found by case 23rdev-lifetime: Oops: general protection fault, probably for non-canonical address 0xdead000000000122 RIP: 0010:bdi_unregister+0x4b/0x170 Call Trace: <TASK> __del_gendisk+0x356/0x3e0 mddev_unlock+0x351/0x360 rdev_attr_store+0x217/0x280 kernfs_fop_write_iter+0x14a/0x210 vfs_write+0x29e/0x550 ksys_write+0x74/0xf0 do_syscall_64+0xbb/0x380 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7ff5250a177e The sequence is: 1. rdev remove path gets reconfig_mutex 2. rdev remove path release reconfig_mutex in mddev_unlock 3. md stop calls do_md_stop and sets MD_DELETED 4. rdev remove path calls del_gendisk because MD_DELETED is set 5. md stop path release reconfig_mutex and calls del_gendisk again So there is a race condition we should resolve. This patch adds a flag MD_DO_DELETE to avoid the race condition.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
≫
Produkt
Linux
Default Statusunaffected
Version
9e59d609763f70a992a8f3808dabcce60f14eb5c
Version <
b4c5cf406062ad44cd178269571530c6435b2f3b
Status
affected
Version
9e59d609763f70a992a8f3808dabcce60f14eb5c
Version <
f0fae1debeb9102398ddf2ef69b4f5d395afafed
Status
affected
Version
9e59d609763f70a992a8f3808dabcce60f14eb5c
Version <
90e3bb44c0a86e245d8e5c6520206fa113acb1ee
Status
affected
HerstellerLinux
≫
Produkt
Linux
Default Statusaffected
Version
6.17
Status
affected
Version
0
Version <
6.17
Status
unaffected
Version <=
6.17.*
Version
6.17.13
Status
unaffected
Version <=
6.18.*
Version
6.18.2
Status
unaffected
Version <=
*
Version
6.19
Status
unaffected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.092 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|