Nigel Croxon

Researcher from Red Hat
#45437 of 53,632
5.5 Total CVSS
Vulnerabilities · 1
PT-2024-9787
5.5
2024-05-02
Linux · Linux Kernel · CVE-2024-38598
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.37

Description: A vulnerability in the Linux kernel's md component is related to incorrect locking, which can cause a softlockup when the bitmap size is less than the array size. This issue can be triggered by running lvextend and lvchange --syncaction commands on dm-raid10 configurations, leading to a soft lockup. The root cause is a commit that returns early from md_bitmap_get_counter() without setting returned blocks. The problem is fixed by always setting returned blocks from md_bitmap_get_counter(), as it used to be. However, the case where the bitmap size doesn't match the array size still needs to be fixed.

Recommendations: To resolve this issue, update the Linux kernel to version 6.6.37 or later. As a temporary workaround, consider disabling the `md_do_sync` function until a patch is available. Restrict access to the `md_bitmap_start_sync` function to minimize the risk of exploitation. Avoid using the `lvextend` and `lvchange --syncaction` commands on dm-raid10 configurations until the issue is resolved.