[SRU,F/J/M,0/1] CVE-2024-23307

Message ID 20240503172232.1232019-1-magali.lemes@canonical.com

Message

Magali Lemes May 3, 2024, 5:22 p.m. UTC
[Impact]
An integer overflow flaw was found in the raid5 subsystem in the Linux kernel.
Concurrent executions of raid5_cache_count() and raid5_set_cache_size() may
lead to inconsistent reads of conf->max_nr_stripes and conf->min_nr_stripes,
such that conf->min_nr_stripes may exceed conf->max_nr_stripes and potentially
cause an integer overflow.

[Backport]
Clean cherry-pick from linux-6.6.y.

[Test]
Compile and boot tested.

[Where problems could occur]
Any problems would be limited to systems that use RAID 4/5/6 configurations.
As the fix touches code related to stripe cache, although unlikely, this could
impact performance.

Gui-Dong Han (1):
  md/raid5: fix atomicity violation in raid5_cache_count

 drivers/md/raid5.c | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)
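
The inconsistent-read pattern described under [Impact], as an added user-space model; it is not code from the original message, the patch, or the kernel. It replays one interleaving deterministically and compares re-reading the fields with taking a single snapshot of each. Assumptions: `struct conf_model`, `READ_ONCE_INT`, the `writer_fn` hook, the writer raising the minimum before the maximum, and all stripe counts are constructed for illustration.

```c
#include <stdio.h>

/* Model of the two fields named in the cover letter; not the kernel struct. */
struct conf_model {
    int max_nr_stripes;
    int min_nr_stripes;
};

/* Stand-in for the kernel's READ_ONCE(): forces exactly one load. */
#define READ_ONCE_INT(x) (*(volatile int *)&(x))

/* Hypothetical hook: a concurrent writer running at a chosen interleaving point. */
typedef void (*writer_fn)(struct conf_model *);

/* Assumed writer behaviour: min is raised before max catches up. */
static void raise_min_first(struct conf_model *c) { c->min_nr_stripes = 4096; }

/* Check-then-use: the fields are loaded again after the check. */
static unsigned long count_racy(struct conf_model *c, writer_fn w)
{
    if (c->max_nr_stripes < c->min_nr_stripes)
        return 0;
    if (w)
        w(c); /* writer lands between the check and the subtraction */
    return c->max_nr_stripes - c->min_nr_stripes; /* negative int -> huge value */
}

/* Snapshot: each field is loaded once; check and subtraction use the same values. */
static unsigned long count_snapshot(struct conf_model *c, writer_fn w)
{
    int max_stripes = READ_ONCE_INT(c->max_nr_stripes);
    int min_stripes = READ_ONCE_INT(c->min_nr_stripes);

    if (w)
        w(c); /* same interleaving point, now harmless */
    if (max_stripes < min_stripes)
        return 0;
    return max_stripes - min_stripes;
}

int main(void)
{
    struct conf_model a = { 1024, 256 }, b = { 1024, 256 }; /* constructed values */

    printf("racy:     %lu\n", count_racy(&a, raise_min_first));
    printf("snapshot: %lu\n", count_snapshot(&b, raise_min_first));
    return 0;
}
```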

Comments

Tim Gardner May 6, 2024, 2:53 p.m. UTC | #1
On 5/3/24 11:22 AM, Magali Lemes wrote:
> [Impact]
> An integer overflow flaw was found in the raid5 subsystem in the Linux kernel.
> Concurrent executions of raid5_cache_count() and raid5_set_cache_size() may
> lead to inconsistent reads of conf->max_nr_stripes and conf->min_nr_stripes,
> such that conf->min_nr_stripes may exceed conf->max_nr_stripes and potentially
> cause an integer overflow.
> 
> [Backport]
> Clean cherry-pick from linux-6.6.y.
> 
> [Test]
> Compile and boot tested.
> 
> [Where problems could occur]
> Any problems would be limited to systems that use RAID 4/5/6 configurations.
> As the fix touches code related to stripe cache, although unlikely, this could
> impact performance.
> 
> Gui-Dong Han (1):
>    md/raid5: fix atomicity violation in raid5_cache_count
> 
>   drivers/md/raid5.c | 14 ++++++++------
>   1 file changed, 8 insertions(+), 6 deletions(-)
> 
Acked-by: Tim Gardner <tim.gardner@canonical.com>

Cengiz Can May 6, 2024, 10:04 p.m. UTC | #2
On 24-05-03 14:22:31, Magali Lemes wrote:
> [Impact]
> An integer overflow flaw was found in the raid5 subsystem in the Linux kernel.
> Concurrent executions of raid5_cache_count() and raid5_set_cache_size() may
> lead to inconsistent reads of conf->max_nr_stripes and conf->min_nr_stripes,
> such that conf->min_nr_stripes may exceed conf->max_nr_stripes and potentially
> cause an integer overflow.
> 
> [Backport]
> Clean cherry-pick from linux-6.6.y.
> 
> [Test]
> Compile and boot tested.
> 
> [Where problems could occur]
> Any problems would be limited to systems that use RAID 4/5/6 configurations.
> As the fix touches code related to stripe cache, although unlikely, this could
> impact performance.
> 
> Gui-Dong Han (1):
>   md/raid5: fix atomicity violation in raid5_cache_count

Acked-by: Cengiz Can <cengiz.can@canonical.com>


> 
>  drivers/md/raid5.c | 14 ++++++++------
>  1 file changed, 8 insertions(+), 6 deletions(-)
> 
> -- 
> 2.34.1
> 
> 
> -- 
> kernel-team mailing list
> kernel-team@lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
Roxana Nicolescu May 27, 2024, 7:47 a.m. UTC | #3
On 03/05/2024 19:22, Magali Lemes wrote:
> [Impact]
> An integer overflow flaw was found in the raid5 subsystem in the Linux kernel.
> Concurrent executions of raid5_cache_count() and raid5_set_cache_size() may
> lead to inconsistent reads of conf->max_nr_stripes and conf->min_nr_stripes,
> such that conf->min_nr_stripes may exceed conf->max_nr_stripes and potentially
> cause an integer overflow.
>
> [Backport]
> Clean cherry-pick from linux-6.6.y.
>
> [Test]
> Compile and boot tested.
>
> [Where problems could occur]
> Any problems would be limited to systems that use RAID 4/5/6 configurations.
> As the fix touches code related to stripe cache, although unlikely, this could
> impact performance.
>
> Gui-Dong Han (1):
>    md/raid5: fix atomicity violation in raid5_cache_count
>
>   drivers/md/raid5.c | 14 ++++++++------
>   1 file changed, 8 insertions(+), 6 deletions(-)
>
Applied to mantic:linux, jammy:linux, focal:linux master-next branches. 
Thanks!