1224715 – (CVE-2024-35787) VUL-0: CVE-2024-35787: kernel: md/md-bitmap: fix incorrect usage for sb_index

Bug 1224715 (CVE-2024-35787) - VUL-0: CVE-2024-35787: kernel: md/md-bitmap: fix incorrect usage for sb_index

Summary: VUL-0: CVE-2024-35787: kernel: md/md-bitmap: fix incorrect usage for sb_index

Status:	NEW

Alias:	CVE-2024-35787

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assignee:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/406366/
Whiteboard:	CVSSv3.1:SUSE:CVE-2024-35787:5.5:(AV:...
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2024-05-20 16:08 UTC by SMASH SMASH
Modified:	2024-05-23 11:55 UTC (History)
CC List:	2 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description SMASH SMASH 2024-05-20 16:08:24 UTC

In the Linux kernel, the following vulnerability has been resolved:

md/md-bitmap: fix incorrect usage for sb_index

Commit d7038f951828 ("md-bitmap: don't use ->index for pages backing the
bitmap file") removed page->index from bitmap code, but left wrong code
logic for clustered-md. current code never set slot offset for cluster
nodes, will sometimes cause crash in clustered env.

Call trace (partly):
 md_bitmap_file_set_bit+0x110/0x1d8 [md_mod]
 md_bitmap_startwrite+0x13c/0x240 [md_mod]
 raid1_make_request+0x6b0/0x1c08 [raid1]
 md_handle_request+0x1dc/0x368 [md_mod]
 md_submit_bio+0x80/0xf8 [md_mod]
 __submit_bio+0x178/0x300
 submit_bio_noacct_nocheck+0x11c/0x338
 submit_bio_noacct+0x134/0x614
 submit_bio+0x28/0xdc
 submit_bh_wbc+0x130/0x1cc
 submit_bh+0x1c/0x28

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-35787
https://www.cve.org/CVERecord?id=CVE-2024-35787
https://git.kernel.org/stable/c/55e55eb65fd5e09faf5a0e49ffcdd37905aaf4da
https://git.kernel.org/stable/c/5a95815b17428ce2f56ec18da5e0d1b2a1a15240
https://git.kernel.org/stable/c/736ad6c577a367834118f57417038d45bb5e0a31
https://git.kernel.org/stable/c/ecbd8ebb51bf7e4939d83b9e6022a55cac44ef06
https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2024/CVE-2024-35787.mbox
https://bugzilla.redhat.com/show_bug.cgi?id=2281061

Comment 1 Joey Lee 2024-05-21 07:01:33 UTC

https://www.suse.com/security/cve/CVE-2024-35787.html
cvss 5.5

Comment 2 Joey Lee 2024-05-23 11:55:37 UTC

joeyli@linux-691t:/mnt/working/source_code-git/kernel-source> ./scripts/check-kernel-fix CVE-2024-35787
ecbd8ebb51bf ("md/md-bitmap: fix incorrect usage for sb_index") merged v6.9-rc1~214^2~34^2~2
Fixes: d7038f951828 ("md-bitmap: don't use ->index for pages backing the bitmap file") merged v6.6-rc1~151^2~40^2~21
Security fix for CVE-2024-35787 bsc#1224715 with CVSS 5.5
Experts candidates: heming.zhao@suse.com 
..............................
NO ACTION NEEDED: All relevant branches contain the fix!

Does not affect any branch. reset assignee