SB20250619204 - Out-of-bounds read in Linux kernel md driver
Published: June 19, 2025 Updated: June 21, 2025
Security Bulletin ID
SB20250619204
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Out-of-bounds read (CVE-ID: CVE-2022-50084)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the raid_status() function in drivers/md/dm-raid.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/1ae0ebfb576b72c2ef400917a5484ebe7892d80b
- https://git.kernel.org/stable/c/1fbeea217d8f297fe0e0956a1516d14ba97d0396
- https://git.kernel.org/stable/c/49dba30638e091120256a9e89125340795f034dc
- https://git.kernel.org/stable/c/4c233811a49578634d10a5e70a9dfa569d451e94
- https://git.kernel.org/stable/c/90b006da40dd42285b24dd3c940d2c32aca9a70b
- https://git.kernel.org/stable/c/b4c6c07c92b6cba2bf3cb2dfa722debeaf8a8abe
- https://git.kernel.org/stable/c/b856ce5f4b55f752144baf17e9d5c415072652c5
- https://git.kernel.org/stable/c/cb583ca6125ac64c98e9d65128e95ebb5be7d322
- https://git.kernel.org/stable/c/d8971b595d7adac3421c21f59918241f1574061e
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.18.18