CVE-2025-22124: Vulnerability in Linux Linux

Medium
Published: Wed Apr 16 2025 (04/16/2025, 14:13:08 UTC)
Source: CVE
Vendor/Project: Linux
Product: Linux

Description

In the Linux kernel, the following vulnerability has been resolved:

md/md-bitmap: fix wrong bitmap_limit for clustermd when write sb

In clustermd, separate write-intent-bitmaps are used for each cluster node:

0                     4k                    8k                    12k
-------------------------------------------------------------------
| idle                | md super            | bm super [0] + bits |
| bm bits[0, contd]   | bm super[1] + bits  | bm bits[1, contd]   |
| bm super[2] + bits  | bm bits [2, contd]  | bm super[3] + bits  |
| bm bits [3, contd]  |                     |                     |

So in node 1, pg_index in __write_sb_page() could be equal to bitmap->storage.file_pages. Then bitmap_limit will be calculated to 0. md_super_write() will be called with 0 size. That means the first 4k sb area of node 1 will never be updated through filemap_write_page(). This bug causes a hang of mdadm/clustermd_tests/01r1_Grow_resize.

Here use (pg_index % bitmap->storage.file_pages) to make calculation of bitmap_limit correct.

AI-Powered Analysis

Last updated: 07/03/2025, 21:41:26 UTC

Technical Analysis

CVE-2025-22124 is a vulnerability identified in the Linux kernel's md (multiple device) subsystem, specifically affecting the clustermd component which manages write-intent bitmaps for clustered RAID configurations. The issue arises from incorrect calculation of the bitmap_limit parameter in the __write_sb_page() function. In clustermd, each cluster node maintains separate write-intent bitmaps to track changes. The vulnerability occurs when the page index (pg_index) equals the total number of file pages in the bitmap storage, causing bitmap_limit to be calculated as zero. Consequently, the md_super_write() function is called with a size of zero, leading to the first 4KB superblock area of node 1 never being updated via filemap_write_page(). This improper update can cause the mdadm utility or clustermd tests to hang, indicating a denial-of-service condition. The root cause is a missing modulo operation in the calculation of bitmap_limit, which should use (pg_index % bitmap->storage.file_pages) to ensure correct wrapping of page indices. This bug affects specific Linux kernel versions identified by their commit hashes, and it has been resolved in a patch that corrects the bitmap_limit calculation. No known exploits are currently reported in the wild, and no CVSS score has been assigned yet.
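
The arithmetic described above, as an added user-space model in C; it is not the kernel's source and not code from this page. The subtraction-and-shift form of the limit, the one-page cap in sb_write_size(), the helper names and the two-pages-per-node layout are assumptions chosen to match the description and the layout diagram.

```c
#include <stdio.h>

#define PAGE_SHIFT 12u                 /* 4k pages, as in the layout diagram */
#define PAGE_SIZE  (1u << PAGE_SHIFT)

typedef unsigned int (*limit_fn)(unsigned long file_pages, unsigned long pg_index);

/* Model of the calculation before the fix: pg_index is used as-is. */
static unsigned int bitmap_limit_before(unsigned long file_pages, unsigned long pg_index)
{
    return (unsigned int)((file_pages - pg_index) << PAGE_SHIFT);
}

/* Model of the fix: pg_index is first wrapped into one node's bitmap. */
static unsigned int bitmap_limit_after(unsigned long file_pages, unsigned long pg_index)
{
    if (file_pages == 0)
        return 0;                      /* avoid dividing by zero in the model */
    return (unsigned int)((file_pages - pg_index % file_pages) << PAGE_SHIFT);
}

/* Assumed cap: at most one page is written, never more than the limit. */
static unsigned int sb_write_size(unsigned int limit)
{
    return limit < PAGE_SIZE ? limit : PAGE_SIZE;
}

/* First page index whose write would be zero bytes long, or -1 if none. */
static long first_skipped_page(limit_fn fn, unsigned long file_pages, unsigned long nodes)
{
    for (unsigned long pg = 0; pg < file_pages * nodes; pg++)
        if (sb_write_size(fn(file_pages, pg)) == 0)
            return (long)pg;
    return -1;
}

int main(void)
{
    const unsigned long file_pages = 2;  /* constructed: 2 pages per node */
    const unsigned long nodes = 2;       /* node 0 and node 1 */

    printf("before fix: first skipped pg_index = %ld\n",
           first_skipped_page(bitmap_limit_before, file_pages, nodes));
    printf("after fix:  first skipped pg_index = %ld\n",
           first_skipped_page(bitmap_limit_after, file_pages, nodes));
    return 0;
}
```

In this model the only zero-length write before the fix is at pg_index 2, the first page of node 1, which is the page the description says is never updated.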

Potential Impact

For European organizations relying on Linux servers with clustered RAID configurations managed by clustermd, this vulnerability could lead to system hangs or denial-of-service conditions during disk management operations such as resizing or growing RAID arrays. This can disrupt critical storage services, potentially impacting data availability and operational continuity. While the vulnerability does not directly lead to data corruption or unauthorized access, the inability to update the superblock correctly could cause administrative tools like mdadm to become unresponsive, complicating system maintenance and recovery. Organizations with high-availability storage clusters or those performing frequent RAID reconfigurations are particularly at risk. The impact is more pronounced in environments where uptime and data availability are critical, such as financial institutions, healthcare providers, and cloud service providers across Europe.

Mitigation Recommendations

European organizations should promptly apply the Linux kernel patch that fixes the bitmap_limit calculation in clustermd. System administrators should monitor kernel updates from trusted Linux distributions and prioritize updates for affected kernel versions identified by the commit hashes provided. Additionally, organizations should audit their use of clustered RAID configurations and test the application of patches in staging environments to ensure stability before production deployment. It is advisable to implement monitoring for mdadm and clustermd processes to detect hangs or abnormal behavior early. Backup strategies should be reviewed and tested to ensure data integrity in case of storage subsystem failures. Where possible, consider temporarily avoiding operations that trigger this vulnerability, such as resizing RAID arrays, until patches are applied. Finally, maintain close coordination with Linux distribution vendors for timely security advisories and patches.

Technical Details

Data Version: 5.1
Assigner Short Name: Linux
Date Reserved: 2024-12-29T08:45:45.823Z
CISA Enriched: false
CVSS Version: null
State: PUBLISHED

Threat ID: 682d9820c4522896dcbdd434

Added to database: 5/21/2025, 9:08:48 AM

Last enriched: 7/3/2025, 9:41:26 PM

Last updated: 8/15/2025, 12:43:54 PM
