CVE-2026-43163

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A use-after-free race condition exists between the bitmap daemon work() and bitmap resize() functions. The daemon iterates over bitmap->storage.filemap without proper locking, while the resize process frees that storage using md bitmap file unmap(). Because quiesce() fails to stop the md thread, concurrent access to freed pages can occur, leading to a General Protection Fault (GPF)—a type of error occurring when the processor detects a memory access violation—within the write page() function during an array resize.

Recommendations Apply the update that ensures mddev->bitmap info.mutex is held during the bitmap update.