CVE-2026-43309

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> md raid: fix hang when stopping arrays with metadata through dm-raid<br /> <br /> When using device-mapper&amp;#39;s dm-raid target, stopping a RAID array can cause<br /> the system to hang under specific conditions.<br /> <br /> This occurs when:<br /> <br /> - A dm-raid managed device tree is suspended from top to bottom<br /> (the top-level RAID device is suspended first, followed by its<br /> underlying metadata and data devices)<br /> <br /> - The top-level RAID device is then removed<br /> <br /> Removing the top-level device triggers a hang in the following sequence:<br /> the dm-raid destructor calls md_stop(), which tries to flush the<br /> write-intent bitmap by writing to the metadata sub-devices. However, these<br /> devices are already suspended, making them unable to complete the write-intent<br /> operations and causing an indefinite block.<br /> <br /> Fix:<br /> <br /> - Prevent bitmap flushing when md_stop() is called from dm-raid<br /> destructor context<br /> and avoid a quiescing/unquescing cycle which could also cause I/O<br /> <br /> - Still allow write-intent bitmap flushing when called from dm-raid<br /> suspend context<br /> <br /> This ensures that RAID array teardown can complete successfully even when the<br /> underlying devices are in a suspended state.<br /> <br /> This second patch uses md_is_rdwr() to distinguish between suspend and<br /> destructor paths as elaborated on above.