-

CVE-2026-53061

dm cache: fix dirty mapping checking in passthrough mode switching

In the Linux kernel, the following vulnerability has been resolved:

dm cache: fix dirty mapping checking in passthrough mode switching

As mentioned in commit 9b1cc9f251af ("dm cache: share cache-metadata
object across inactive and active DM tables"), dm-cache assumed table
reload occurs after suspension, while LVM's table preload breaks this
assumption. The dirty mapping check for passthrough mode was designed
around this assumption and is performed during table creation, causing
the check to fail with preload while metadata updates are ongoing. This
risks loading dirty mappings into passthrough mode, resulting in data
loss.

Reproduce steps:

1. Create a writeback cache with zero migration_threshold to produce
   dirty mappings

dmsetup create cmeta --table "0 8192 linear /dev/sdc 0"
dmsetup create cdata --table "0 131072 linear /dev/sdc 8192"
dmsetup create corig --table "0 262144 linear /dev/sdc 262144"
dd if=/dev/zero of=/dev/mapper/cmeta bs=4k count=1 oflag=direct
dmsetup create cache --table "0 262144 cache /dev/mapper/cmeta \
/dev/mapper/cdata /dev/mapper/corig 128 2 metadata2 writeback smq \
2 migration_threshold 0"

2. Preload a table in passthrough mode

dmsetup reload cache --table "0 262144 cache /dev/mapper/cmeta \
/dev/mapper/cdata /dev/mapper/corig 128 2 metadata2 passthrough smq 0"

3. Write to the first cache block to make it dirty

fio --filename=/dev/mapper/cache --name=populate --rw=write --bs=4k \
--direct=1 --size=64k

4. Resume the inactive table. Now it's possible to load the dirty block
   into passthrough mode.

dmsetup resume cache

Fix by moving the checks to the preresume phase to support table
preloading. Also remove the unused function dm_cache_metadata_all_clean.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
Produkt Linux
Default Statusunaffected
Version 2ee57d587357f0d752af6c2e3e46434a74b1bee3
Version < c2e86f647561fcf5e1c6eba7d75e9e0c4299c94d
Status affected
Version 2ee57d587357f0d752af6c2e3e46434a74b1bee3
Version < 5c98a3f1d7a554c9e920aa31daf92af6b5bbb8cc
Status affected
Version 2ee57d587357f0d752af6c2e3e46434a74b1bee3
Version < 1443c32f24d6d8bcdf4beceef2afc09290b98717
Status affected
Version 2ee57d587357f0d752af6c2e3e46434a74b1bee3
Version < 12105c7f18375d7615dad7605d89eadae7eb12a6
Status affected
Version 2ee57d587357f0d752af6c2e3e46434a74b1bee3
Version < bd5a2c1018938e6b32670728bdb32a3f0efff00f
Status affected
Version 2ee57d587357f0d752af6c2e3e46434a74b1bee3
Version < 21c503d60a257e54ca3ac58e2721bd24501d5bde
Status affected
Version 2ee57d587357f0d752af6c2e3e46434a74b1bee3
Version < 01b22656d8a68dbeae59f8b80866e7b11936b20a
Status affected
Version 2ee57d587357f0d752af6c2e3e46434a74b1bee3
Version < 322586745bd1a0e5f3559fd1635fdeb4dbd1d6b8
Status affected
HerstellerLinux
Produkt Linux
Default Statusaffected
Version 3.13
Status affected
Version 0
Version < 3.13
Status unaffected
Version <= 5.10.*
Version 5.10.258
Status unaffected
Version <= 5.15.*
Version 5.15.209
Status unaffected
Version <= 6.1.*
Version 6.1.175
Status unaffected
Version <= 6.6.*
Version 6.6.141
Status unaffected
Version <= 6.12.*
Version 6.12.91
Status unaffected
Version <= 6.18.*
Version 6.18.33
Status unaffected
Version <= 7.0.*
Version 7.0.10
Status unaffected
Version <= *
Version 7.1
Status unaffected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.18% 0.074
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/c2e86f647561fcf5e1c6eba7d75e9e0c4299c94d
https://git.kernel.org/stable/c/5c98a3f1d7a554c9e920aa31daf92af6b5bbb8cc
https://git.kernel.org/stable/c/1443c32f24d6d8bcdf4beceef2afc09290b98717
https://git.kernel.org/stable/c/12105c7f18375d7615dad7605d89eadae7eb12a6
https://git.kernel.org/stable/c/bd5a2c1018938e6b32670728bdb32a3f0efff00f
https://git.kernel.org/stable/c/21c503d60a257e54ca3ac58e2721bd24501d5bde
https://git.kernel.org/stable/c/01b22656d8a68dbeae59f8b80866e7b11936b20a
https://git.kernel.org/stable/c/322586745bd1a0e5f3559fd1635fdeb4dbd1d6b8