Home

Description

In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request There are two check of 'mreplace' in raid10_sync_request(). In the first check, 'need_replace' will be set and 'mreplace' will be used later if no-Faulty 'mreplace' exists, In the second check, 'mreplace' will be set to NULL if it is Faulty, but 'need_replace' will not be changed accordingly. null-ptr-deref occurs if Faulty is set between two check. Fix it by merging two checks into one. And replace 'need_replace' with 'mreplace' because their values are always the same.

PUBLISHED Reserved 2025-09-17 | Published 2025-09-18 | Updated 2025-09-18 | Assigner Linux

Product status

Default status
unaffected

ee37d7314a32ab6809eacc3389bad0406c69a81f (git) before 45fa023b3334a7ae6f6c4eb977295804222dfa28
affected

ee37d7314a32ab6809eacc3389bad0406c69a81f (git) before 2990e2ece18dd4cca71b3109c80517ad94adb065
affected

ee37d7314a32ab6809eacc3389bad0406c69a81f (git) before f4368a462b1f9a8ecc2fdb09a28c3d4cad302a4f
affected

ee37d7314a32ab6809eacc3389bad0406c69a81f (git) before 222cc459d59857ee28a5366dc225ab42b22f9272
affected

ee37d7314a32ab6809eacc3389bad0406c69a81f (git) before b5015b97adda6a24dd3e713c63e521ecbeff25c6
affected

ee37d7314a32ab6809eacc3389bad0406c69a81f (git) before 144c7fd008e0072b0b565f1157eec618de54ca8a
affected

ee37d7314a32ab6809eacc3389bad0406c69a81f (git) before 34817a2441747b48e444cb0e05d84e14bc9443da
affected

Default status
affected

4.20
affected

Any version before 4.20
unaffected

5.4.251 (semver)
unaffected

5.10.188 (semver)
unaffected

5.15.121 (semver)
unaffected

6.1.39 (semver)
unaffected

6.3.13 (semver)
unaffected

6.4.4 (semver)
unaffected

6.5 (original_commit_for_fix)
unaffected

References

git.kernel.org/...c/45fa023b3334a7ae6f6c4eb977295804222dfa28

git.kernel.org/...c/2990e2ece18dd4cca71b3109c80517ad94adb065

git.kernel.org/...c/f4368a462b1f9a8ecc2fdb09a28c3d4cad302a4f

git.kernel.org/...c/222cc459d59857ee28a5366dc225ab42b22f9272

git.kernel.org/...c/b5015b97adda6a24dd3e713c63e521ecbeff25c6

git.kernel.org/...c/144c7fd008e0072b0b565f1157eec618de54ca8a

git.kernel.org/...c/34817a2441747b48e444cb0e05d84e14bc9443da

cve.org (CVE-2023-53380)

nvd.nist.gov (CVE-2023-53380)

Download JSON