Description

In the Linux kernel, the following vulnerability has been resolved: md/raid1: Fix data corruption for degraded array with slow disk read_balance() will avoid reading from slow disks as much as possible, however, if valid data only lands in slow disks, and a new normal disk is still in recovery, unrecovered data can be read: raid1_read_request read_balance raid1_should_read_first -> return false choose_best_rdev -> normal disk is not recovered, return -1 choose_bb_rdev -> missing the checking of recovery, return the normal disk -> read unrecovered data Root cause is that the checking of recovery is missing in choose_bb_rdev(). Hence add such checking to fix the problem. Also fix similar problem in choose_slow_rdev().

INFO

Published Date :

2024-09-11T15:13:56.451Z

Last Modified :

2025-05-04T09:31:18.657Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-45023 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-45023.

URL Resource
https://git.kernel.org/stable/c/2febf5fdbf5d9a52ddc3e986971c8609b1582d67 cve-icon cve-icon
https://git.kernel.org/stable/c/c916ca35308d3187c9928664f9be249b22a3a701 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2024091109-CVE-2024-45023-d7f2@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-45023 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-45023 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact