We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2025-38140

dm: limit swapping tables for devices with zone write plugs



Description

In the Linux kernel, the following vulnerability has been resolved: dm: limit swapping tables for devices with zone write plugs dm_revalidate_zones() only allowed new or previously unzoned devices to call blk_revalidate_disk_zones(). If the device was already zoned, disk->nr_zones would always equal md->nr_zones, so dm_revalidate_zones() returned without doing any work. This would make the zoned settings for the device not match the new table. If the device had zone write plug resources, it could run into errors like bdev_zone_is_seq() reading invalid memory because disk->conv_zones_bitmap was the wrong size. If the device doesn't have any zone write plug resources, calling blk_revalidate_disk_zones() will always correctly update device. If blk_revalidate_disk_zones() fails, it can still overwrite or clear the current disk->nr_zones value. In this case, DM must restore the previous value of disk->nr_zones, so that the zoned settings will continue to match the previous value that it fell back to. If the device already has zone write plug resources, blk_revalidate_disk_zones() will not correctly update them, if it is called for arbitrary zoned device changes. Since there is not much need for this ability, the easiest solution is to disallow any table reloads that change the zoned settings, for devices that already have zone plug resources. Specifically, if a device already has zone plug resources allocated, it can only switch to another zoned table that also emulates zone append. Also, it cannot change the device size or the zone size. A device can switch to an error target.

Reserved 2025-04-16 | Published 2025-07-03 | Updated 2025-07-03 | Assigner Linux

Product status

Default status
unaffected

bb37d77239af25cde59693dbe3fac04dd17d7b29 before ac8acb0bfd98a1c65f3ca9a3e217a766124eebd8
affected

bb37d77239af25cde59693dbe3fac04dd17d7b29 before 121218bef4c1df165181f5cd8fc3a2246bac817e
affected

Default status
affected

5.14
affected

Any version before 5.14
unaffected

6.15.3
unaffected

6.16-rc1
unaffected

References

git.kernel.org/...c/ac8acb0bfd98a1c65f3ca9a3e217a766124eebd8

git.kernel.org/...c/121218bef4c1df165181f5cd8fc3a2246bac817e

cve.org (CVE-2025-38140)

nvd.nist.gov (CVE-2025-38140)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2025-38140

Support options

Helpdesk Chat, Email, Knowledgebase