CVE-2025-38451

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> md/md-bitmap: fix GPF in bitmap_get_stats()<br /> <br /> The commit message of commit 6ec1f0239485 ("md/md-bitmap: fix stats<br /> collection for external bitmaps") states:<br /> <br /> Remove the external bitmap check as the statistics should be<br /> available regardless of bitmap storage location.<br /> <br /> Return -EINVAL only for invalid bitmap with no storage (neither in<br /> superblock nor in external file).<br /> <br /> But, the code does not adhere to the above, as it does only check for<br /> a valid super-block for "internal" bitmaps. Hence, we observe:<br /> <br /> Oops: GPF, probably for non-canonical address 0x1cd66f1f40000028<br /> RIP: 0010:bitmap_get_stats+0x45/0xd0<br /> Call Trace:<br /> <br /> seq_read_iter+0x2b9/0x46a<br /> seq_read+0x12f/0x180<br /> proc_reg_read+0x57/0xb0<br /> vfs_read+0xf6/0x380<br /> ksys_read+0x6d/0xf0<br /> do_syscall_64+0x8c/0x1b0<br /> entry_SYSCALL_64_after_hwframe+0x76/0x7e<br /> <br /> We fix this by checking the existence of a super-block for both the<br /> internal and external case.