CVE-2024-35787

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-35787
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-35787.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-35787
Downstream
Published
2024-05-17T12:24:35Z
Modified
2025-10-15T10:21:11.534106Z
Summary
md/md-bitmap: fix incorrect usage for sb_index
Details

In the Linux kernel, the following vulnerability has been resolved:

md/md-bitmap: fix incorrect usage for sb_index

Commit d7038f951828 ("md-bitmap: don't use ->index for pages backing the bitmap file") removed page->index from bitmap code, but left wrong code logic for clustered-md. current code never set slot offset for cluster nodes, will sometimes cause crash in clustered env.

Call trace (partly): mdbitmapfilesetbit+0x110/0x1d8 [mdmod] mdbitmapstartwrite+0x13c/0x240 [mdmod] raid1makerequest+0x6b0/0x1c08 [raid1] mdhandlerequest+0x1dc/0x368 [mdmod] mdsubmitbio+0x80/0xf8 [mdmod] _submitbio+0x178/0x300 submitbionoacctnocheck+0x11c/0x338 submitbionoacct+0x134/0x614 submitbio+0x28/0xdc submitbhwbc+0x130/0x1cc submit_bh+0x1c/0x28

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
d7038f951828da19fa9aafddfa087b69032c9687
Fixed
736ad6c577a367834118f57417038d45bb5e0a31
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
d7038f951828da19fa9aafddfa087b69032c9687
Fixed
55e55eb65fd5e09faf5a0e49ffcdd37905aaf4da
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
d7038f951828da19fa9aafddfa087b69032c9687
Fixed
5a95815b17428ce2f56ec18da5e0d1b2a1a15240
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
d7038f951828da19fa9aafddfa087b69032c9687
Fixed
ecbd8ebb51bf7e4939d83b9e6022a55cac44ef06

Affected versions

v6.*

v6.5
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.6.19
v6.6.2
v6.6.20
v6.6.21
v6.6.22
v6.6.23
v6.6.3
v6.6.4
v6.6.5
v6.6.6
v6.6.7
v6.6.8
v6.6.9
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.7.1
v6.7.10
v6.7.11
v6.7.2
v6.7.3
v6.7.4
v6.7.5
v6.7.6
v6.7.7
v6.7.8
v6.7.9
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.8.1
v6.8.2

Database specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 738.0,
                "function_hash": "179770903664361641688184110759696728189"
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@736ad6c577a367834118f57417038d45bb5e0a31",
            "signature_type": "Function",
            "target": {
                "function": "md_bitmap_file_set_bit",
                "file": "drivers/md/md-bitmap.c"
            },
            "deprecated": false,
            "signature_version": "v1",
            "id": "CVE-2024-35787-078a2439"
        },
        {
            "digest": {
                "line_hashes": [
                    "325523765181253623482009608797722057312",
                    "315074142979760923359421214896959495428",
                    "73056798449557510066390674911930211489",
                    "244250147663891721859106973964964675184",
                    "66936966217010519901862403990714603294",
                    "125639195696010524172311253183073384048",
                    "176418652032912730183544651551585236513",
                    "250583269779256269437063039973019584379",
                    "145441696839011024335901429327087679925",
                    "51645414971514239097672764785806698974",
                    "300579966987785382970809114562223514622",
                    "75294853918284677194624306842416639794",
                    "51645414971514239097672764785806698974",
                    "300579966987785382970809114562223514622",
                    "75294853918284677194624306842416639794"
                ],
                "threshold": 0.9
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@736ad6c577a367834118f57417038d45bb5e0a31",
            "signature_type": "Line",
            "target": {
                "file": "drivers/md/md-bitmap.c"
            },
            "deprecated": false,
            "signature_version": "v1",
            "id": "CVE-2024-35787-0a3ac997"
        },
        {
            "digest": {
                "length": 775.0,
                "function_hash": "301784616227449775238184427449872864363"
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ecbd8ebb51bf7e4939d83b9e6022a55cac44ef06",
            "signature_type": "Function",
            "target": {
                "function": "md_bitmap_file_clear_bit",
                "file": "drivers/md/md-bitmap.c"
            },
            "deprecated": false,
            "signature_version": "v1",
            "id": "CVE-2024-35787-1d56b04a"
        },
        {
            "digest": {
                "length": 1202.0,
                "function_hash": "184704553579049011443737404739168277982"
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@736ad6c577a367834118f57417038d45bb5e0a31",
            "signature_type": "Function",
            "target": {
                "function": "__write_sb_page",
                "file": "drivers/md/md-bitmap.c"
            },
            "deprecated": false,
            "signature_version": "v1",
            "id": "CVE-2024-35787-3fb14d87"
        },
        {
            "digest": {
                "length": 1202.0,
                "function_hash": "184704553579049011443737404739168277982"
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ecbd8ebb51bf7e4939d83b9e6022a55cac44ef06",
            "signature_type": "Function",
            "target": {
                "function": "__write_sb_page",
                "file": "drivers/md/md-bitmap.c"
            },
            "deprecated": false,
            "signature_version": "v1",
            "id": "CVE-2024-35787-4f3a2a11"
        },
        {
            "digest": {
                "length": 775.0,
                "function_hash": "301784616227449775238184427449872864363"
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5a95815b17428ce2f56ec18da5e0d1b2a1a15240",
            "signature_type": "Function",
            "target": {
                "function": "md_bitmap_file_clear_bit",
                "file": "drivers/md/md-bitmap.c"
            },
            "deprecated": false,
            "signature_version": "v1",
            "id": "CVE-2024-35787-7481753c"
        },
        {
            "digest": {
                "length": 775.0,
                "function_hash": "301784616227449775238184427449872864363"
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@736ad6c577a367834118f57417038d45bb5e0a31",
            "signature_type": "Function",
            "target": {
                "function": "md_bitmap_file_clear_bit",
                "file": "drivers/md/md-bitmap.c"
            },
            "deprecated": false,
            "signature_version": "v1",
            "id": "CVE-2024-35787-75468f53"
        },
        {
            "digest": {
                "length": 370.0,
                "function_hash": "287717978023133228361705104237439247516"
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@736ad6c577a367834118f57417038d45bb5e0a31",
            "signature_type": "Function",
            "target": {
                "function": "filemap_write_page",
                "file": "drivers/md/md-bitmap.c"
            },
            "deprecated": false,
            "signature_version": "v1",
            "id": "CVE-2024-35787-777dac75"
        },
        {
            "digest": {
                "length": 738.0,
                "function_hash": "179770903664361641688184110759696728189"
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ecbd8ebb51bf7e4939d83b9e6022a55cac44ef06",
            "signature_type": "Function",
            "target": {
                "function": "md_bitmap_file_set_bit",
                "file": "drivers/md/md-bitmap.c"
            },
            "deprecated": false,
            "signature_version": "v1",
            "id": "CVE-2024-35787-8be49ecc"
        },
        {
            "digest": {
                "line_hashes": [
                    "325523765181253623482009608797722057312",
                    "315074142979760923359421214896959495428",
                    "73056798449557510066390674911930211489",
                    "244250147663891721859106973964964675184",
                    "66936966217010519901862403990714603294",
                    "125639195696010524172311253183073384048",
                    "176418652032912730183544651551585236513",
                    "250583269779256269437063039973019584379",
                    "145441696839011024335901429327087679925",
                    "51645414971514239097672764785806698974",
                    "300579966987785382970809114562223514622",
                    "75294853918284677194624306842416639794",
                    "51645414971514239097672764785806698974",
                    "300579966987785382970809114562223514622",
                    "75294853918284677194624306842416639794"
                ],
                "threshold": 0.9
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@55e55eb65fd5e09faf5a0e49ffcdd37905aaf4da",
            "signature_type": "Line",
            "target": {
                "file": "drivers/md/md-bitmap.c"
            },
            "deprecated": false,
            "signature_version": "v1",
            "id": "CVE-2024-35787-9502cf5c"
        },
        {
            "digest": {
                "line_hashes": [
                    "325523765181253623482009608797722057312",
                    "315074142979760923359421214896959495428",
                    "73056798449557510066390674911930211489",
                    "244250147663891721859106973964964675184",
                    "66936966217010519901862403990714603294",
                    "125639195696010524172311253183073384048",
                    "176418652032912730183544651551585236513",
                    "250583269779256269437063039973019584379",
                    "145441696839011024335901429327087679925",
                    "51645414971514239097672764785806698974",
                    "300579966987785382970809114562223514622",
                    "75294853918284677194624306842416639794",
                    "51645414971514239097672764785806698974",
                    "300579966987785382970809114562223514622",
                    "75294853918284677194624306842416639794"
                ],
                "threshold": 0.9
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5a95815b17428ce2f56ec18da5e0d1b2a1a15240",
            "signature_type": "Line",
            "target": {
                "file": "drivers/md/md-bitmap.c"
            },
            "deprecated": false,
            "signature_version": "v1",
            "id": "CVE-2024-35787-bd75d83b"
        },
        {
            "digest": {
                "length": 370.0,
                "function_hash": "287717978023133228361705104237439247516"
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ecbd8ebb51bf7e4939d83b9e6022a55cac44ef06",
            "signature_type": "Function",
            "target": {
                "function": "filemap_write_page",
                "file": "drivers/md/md-bitmap.c"
            },
            "deprecated": false,
            "signature_version": "v1",
            "id": "CVE-2024-35787-ce1333a7"
        },
        {
            "digest": {
                "length": 370.0,
                "function_hash": "287717978023133228361705104237439247516"
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5a95815b17428ce2f56ec18da5e0d1b2a1a15240",
            "signature_type": "Function",
            "target": {
                "function": "filemap_write_page",
                "file": "drivers/md/md-bitmap.c"
            },
            "deprecated": false,
            "signature_version": "v1",
            "id": "CVE-2024-35787-d4710f94"
        },
        {
            "digest": {
                "length": 1202.0,
                "function_hash": "184704553579049011443737404739168277982"
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@55e55eb65fd5e09faf5a0e49ffcdd37905aaf4da",
            "signature_type": "Function",
            "target": {
                "function": "__write_sb_page",
                "file": "drivers/md/md-bitmap.c"
            },
            "deprecated": false,
            "signature_version": "v1",
            "id": "CVE-2024-35787-d89b47cf"
        },
        {
            "digest": {
                "length": 370.0,
                "function_hash": "287717978023133228361705104237439247516"
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@55e55eb65fd5e09faf5a0e49ffcdd37905aaf4da",
            "signature_type": "Function",
            "target": {
                "function": "filemap_write_page",
                "file": "drivers/md/md-bitmap.c"
            },
            "deprecated": false,
            "signature_version": "v1",
            "id": "CVE-2024-35787-dea5ef85"
        },
        {
            "digest": {
                "length": 775.0,
                "function_hash": "301784616227449775238184427449872864363"
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@55e55eb65fd5e09faf5a0e49ffcdd37905aaf4da",
            "signature_type": "Function",
            "target": {
                "function": "md_bitmap_file_clear_bit",
                "file": "drivers/md/md-bitmap.c"
            },
            "deprecated": false,
            "signature_version": "v1",
            "id": "CVE-2024-35787-e1a31cdf"
        },
        {
            "digest": {
                "length": 1202.0,
                "function_hash": "184704553579049011443737404739168277982"
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5a95815b17428ce2f56ec18da5e0d1b2a1a15240",
            "signature_type": "Function",
            "target": {
                "function": "__write_sb_page",
                "file": "drivers/md/md-bitmap.c"
            },
            "deprecated": false,
            "signature_version": "v1",
            "id": "CVE-2024-35787-e225a504"
        },
        {
            "digest": {
                "length": 738.0,
                "function_hash": "179770903664361641688184110759696728189"
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5a95815b17428ce2f56ec18da5e0d1b2a1a15240",
            "signature_type": "Function",
            "target": {
                "function": "md_bitmap_file_set_bit",
                "file": "drivers/md/md-bitmap.c"
            },
            "deprecated": false,
            "signature_version": "v1",
            "id": "CVE-2024-35787-f0fa1e28"
        },
        {
            "digest": {
                "line_hashes": [
                    "325523765181253623482009608797722057312",
                    "315074142979760923359421214896959495428",
                    "73056798449557510066390674911930211489",
                    "244250147663891721859106973964964675184",
                    "66936966217010519901862403990714603294",
                    "125639195696010524172311253183073384048",
                    "176418652032912730183544651551585236513",
                    "250583269779256269437063039973019584379",
                    "145441696839011024335901429327087679925",
                    "51645414971514239097672764785806698974",
                    "300579966987785382970809114562223514622",
                    "75294853918284677194624306842416639794",
                    "51645414971514239097672764785806698974",
                    "300579966987785382970809114562223514622",
                    "75294853918284677194624306842416639794"
                ],
                "threshold": 0.9
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ecbd8ebb51bf7e4939d83b9e6022a55cac44ef06",
            "signature_type": "Line",
            "target": {
                "file": "drivers/md/md-bitmap.c"
            },
            "deprecated": false,
            "signature_version": "v1",
            "id": "CVE-2024-35787-f7753b69"
        },
        {
            "digest": {
                "length": 738.0,
                "function_hash": "179770903664361641688184110759696728189"
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@55e55eb65fd5e09faf5a0e49ffcdd37905aaf4da",
            "signature_type": "Function",
            "target": {
                "function": "md_bitmap_file_set_bit",
                "file": "drivers/md/md-bitmap.c"
            },
            "deprecated": false,
            "signature_version": "v1",
            "id": "CVE-2024-35787-f940d4cd"
        }
    ]
}

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.6.0
Fixed
6.6.24
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.7.12
Type
ECOSYSTEM
Events
Introduced
6.8.0
Fixed
6.8.3