In the Linux kernel, the following vulnerability has been resolved:
md/md-bitmap: fix incorrect usage for sb_index
Commit d7038f951828 ("md-bitmap: don't use ->index for pages backing the bitmap file") removed page->index from bitmap code, but left wrong code logic for clustered-md. current code never set slot offset for cluster nodes, will sometimes cause crash in clustered env.
Call trace (partly): mdbitmapfilesetbit+0x110/0x1d8 [mdmod] mdbitmapstartwrite+0x13c/0x240 [mdmod] raid1makerequest+0x6b0/0x1c08 [raid1] mdhandlerequest+0x1dc/0x368 [mdmod] mdsubmitbio+0x80/0xf8 [mdmod] _submitbio+0x178/0x300 submitbionoacctnocheck+0x11c/0x338 submitbionoacct+0x134/0x614 submitbio+0x28/0xdc submitbhwbc+0x130/0x1cc submit_bh+0x1c/0x28
{ "vanir_signatures": [ { "digest": { "length": 738.0, "function_hash": "179770903664361641688184110759696728189" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@736ad6c577a367834118f57417038d45bb5e0a31", "signature_type": "Function", "target": { "function": "md_bitmap_file_set_bit", "file": "drivers/md/md-bitmap.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2024-35787-078a2439" }, { "digest": { "line_hashes": [ "325523765181253623482009608797722057312", "315074142979760923359421214896959495428", "73056798449557510066390674911930211489", "244250147663891721859106973964964675184", "66936966217010519901862403990714603294", "125639195696010524172311253183073384048", "176418652032912730183544651551585236513", "250583269779256269437063039973019584379", "145441696839011024335901429327087679925", "51645414971514239097672764785806698974", "300579966987785382970809114562223514622", "75294853918284677194624306842416639794", "51645414971514239097672764785806698974", "300579966987785382970809114562223514622", "75294853918284677194624306842416639794" ], "threshold": 0.9 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@736ad6c577a367834118f57417038d45bb5e0a31", "signature_type": "Line", "target": { "file": "drivers/md/md-bitmap.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2024-35787-0a3ac997" }, { "digest": { "length": 775.0, "function_hash": "301784616227449775238184427449872864363" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ecbd8ebb51bf7e4939d83b9e6022a55cac44ef06", "signature_type": "Function", "target": { "function": "md_bitmap_file_clear_bit", "file": "drivers/md/md-bitmap.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2024-35787-1d56b04a" }, { "digest": { "length": 1202.0, "function_hash": "184704553579049011443737404739168277982" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@736ad6c577a367834118f57417038d45bb5e0a31", "signature_type": "Function", "target": { "function": "__write_sb_page", "file": "drivers/md/md-bitmap.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2024-35787-3fb14d87" }, { "digest": { "length": 1202.0, "function_hash": "184704553579049011443737404739168277982" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ecbd8ebb51bf7e4939d83b9e6022a55cac44ef06", "signature_type": "Function", "target": { "function": "__write_sb_page", "file": "drivers/md/md-bitmap.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2024-35787-4f3a2a11" }, { "digest": { "length": 775.0, "function_hash": "301784616227449775238184427449872864363" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5a95815b17428ce2f56ec18da5e0d1b2a1a15240", "signature_type": "Function", "target": { "function": "md_bitmap_file_clear_bit", "file": "drivers/md/md-bitmap.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2024-35787-7481753c" }, { "digest": { "length": 775.0, "function_hash": "301784616227449775238184427449872864363" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@736ad6c577a367834118f57417038d45bb5e0a31", "signature_type": "Function", "target": { "function": "md_bitmap_file_clear_bit", "file": "drivers/md/md-bitmap.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2024-35787-75468f53" }, { "digest": { "length": 370.0, "function_hash": "287717978023133228361705104237439247516" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@736ad6c577a367834118f57417038d45bb5e0a31", "signature_type": "Function", "target": { "function": "filemap_write_page", "file": "drivers/md/md-bitmap.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2024-35787-777dac75" }, { "digest": { "length": 738.0, "function_hash": "179770903664361641688184110759696728189" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ecbd8ebb51bf7e4939d83b9e6022a55cac44ef06", "signature_type": "Function", "target": { "function": "md_bitmap_file_set_bit", "file": "drivers/md/md-bitmap.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2024-35787-8be49ecc" }, { "digest": { "line_hashes": [ "325523765181253623482009608797722057312", "315074142979760923359421214896959495428", "73056798449557510066390674911930211489", "244250147663891721859106973964964675184", "66936966217010519901862403990714603294", "125639195696010524172311253183073384048", "176418652032912730183544651551585236513", "250583269779256269437063039973019584379", "145441696839011024335901429327087679925", "51645414971514239097672764785806698974", "300579966987785382970809114562223514622", "75294853918284677194624306842416639794", "51645414971514239097672764785806698974", "300579966987785382970809114562223514622", "75294853918284677194624306842416639794" ], "threshold": 0.9 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@55e55eb65fd5e09faf5a0e49ffcdd37905aaf4da", "signature_type": "Line", "target": { "file": "drivers/md/md-bitmap.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2024-35787-9502cf5c" }, { "digest": { "line_hashes": [ "325523765181253623482009608797722057312", "315074142979760923359421214896959495428", "73056798449557510066390674911930211489", "244250147663891721859106973964964675184", "66936966217010519901862403990714603294", "125639195696010524172311253183073384048", "176418652032912730183544651551585236513", "250583269779256269437063039973019584379", "145441696839011024335901429327087679925", "51645414971514239097672764785806698974", "300579966987785382970809114562223514622", "75294853918284677194624306842416639794", "51645414971514239097672764785806698974", "300579966987785382970809114562223514622", "75294853918284677194624306842416639794" ], "threshold": 0.9 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5a95815b17428ce2f56ec18da5e0d1b2a1a15240", "signature_type": "Line", "target": { "file": "drivers/md/md-bitmap.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2024-35787-bd75d83b" }, { "digest": { "length": 370.0, "function_hash": "287717978023133228361705104237439247516" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ecbd8ebb51bf7e4939d83b9e6022a55cac44ef06", "signature_type": "Function", "target": { "function": "filemap_write_page", "file": "drivers/md/md-bitmap.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2024-35787-ce1333a7" }, { "digest": { "length": 370.0, "function_hash": "287717978023133228361705104237439247516" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5a95815b17428ce2f56ec18da5e0d1b2a1a15240", "signature_type": "Function", "target": { "function": "filemap_write_page", "file": "drivers/md/md-bitmap.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2024-35787-d4710f94" }, { "digest": { "length": 1202.0, "function_hash": "184704553579049011443737404739168277982" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@55e55eb65fd5e09faf5a0e49ffcdd37905aaf4da", "signature_type": "Function", "target": { "function": "__write_sb_page", "file": "drivers/md/md-bitmap.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2024-35787-d89b47cf" }, { "digest": { "length": 370.0, "function_hash": "287717978023133228361705104237439247516" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@55e55eb65fd5e09faf5a0e49ffcdd37905aaf4da", "signature_type": "Function", "target": { "function": "filemap_write_page", "file": "drivers/md/md-bitmap.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2024-35787-dea5ef85" }, { "digest": { "length": 775.0, "function_hash": "301784616227449775238184427449872864363" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@55e55eb65fd5e09faf5a0e49ffcdd37905aaf4da", "signature_type": "Function", "target": { "function": "md_bitmap_file_clear_bit", "file": "drivers/md/md-bitmap.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2024-35787-e1a31cdf" }, { "digest": { "length": 1202.0, "function_hash": "184704553579049011443737404739168277982" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5a95815b17428ce2f56ec18da5e0d1b2a1a15240", "signature_type": "Function", "target": { "function": "__write_sb_page", "file": "drivers/md/md-bitmap.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2024-35787-e225a504" }, { "digest": { "length": 738.0, "function_hash": "179770903664361641688184110759696728189" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5a95815b17428ce2f56ec18da5e0d1b2a1a15240", "signature_type": "Function", "target": { "function": "md_bitmap_file_set_bit", "file": "drivers/md/md-bitmap.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2024-35787-f0fa1e28" }, { "digest": { "line_hashes": [ "325523765181253623482009608797722057312", "315074142979760923359421214896959495428", "73056798449557510066390674911930211489", "244250147663891721859106973964964675184", "66936966217010519901862403990714603294", "125639195696010524172311253183073384048", "176418652032912730183544651551585236513", "250583269779256269437063039973019584379", "145441696839011024335901429327087679925", "51645414971514239097672764785806698974", "300579966987785382970809114562223514622", "75294853918284677194624306842416639794", "51645414971514239097672764785806698974", "300579966987785382970809114562223514622", "75294853918284677194624306842416639794" ], "threshold": 0.9 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ecbd8ebb51bf7e4939d83b9e6022a55cac44ef06", "signature_type": "Line", "target": { "file": "drivers/md/md-bitmap.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2024-35787-f7753b69" }, { "digest": { "length": 738.0, "function_hash": "179770903664361641688184110759696728189" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@55e55eb65fd5e09faf5a0e49ffcdd37905aaf4da", "signature_type": "Function", "target": { "function": "md_bitmap_file_set_bit", "file": "drivers/md/md-bitmap.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2024-35787-f940d4cd" } ] }