CVE-2025-68368

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> md: init bioset in mddev_init<br /> <br /> IO operations may be needed before md_run(), such as updating metadata<br /> after writing sysfs. Without bioset, this triggers a NULL pointer<br /> dereference as below:<br /> <br /> BUG: kernel NULL pointer dereference, address: 0000000000000020<br /> Call Trace:<br /> md_update_sb+0x658/0xe00<br /> new_level_store+0xc5/0x120<br /> md_attr_store+0xc9/0x1e0<br /> sysfs_kf_write+0x6f/0xa0<br /> kernfs_fop_write_iter+0x141/0x2a0<br /> vfs_write+0x1fc/0x5a0<br /> ksys_write+0x79/0x180<br /> __x64_sys_write+0x1d/0x30<br /> x64_sys_call+0x2818/0x2880<br /> do_syscall_64+0xa9/0x580<br /> entry_SYSCALL_64_after_hwframe+0x4b/0x53<br /> <br /> Reproducer<br /> ```<br /> mdadm -CR /dev/md0 -l1 -n2 /dev/sd[cd]<br /> echo inactive &gt; /sys/block/md0/md/array_state<br /> echo 10 &gt; /sys/block/md0/md/new_level<br /> ```<br /> <br /> mddev_init() can only be called once per mddev, no need to test if bioset<br /> has been initialized anymore.