device mapper raid

About this tag
The device mapper raid tag covers discussions about Linux software RAID implemented via the device mapper (dm-raid) framework, including the md/dm-raid driver. Content focuses on security vulnerabilities such as CVE-2024-35808, a high-risk flaw in the kernel's software RAID code that could allow local denial-of-service attacks. Patches and mitigation strategies are shared, emphasizing the replacement of unsafe direct calls with safer helper functions like stop_sync_thread. The tag is relevant for system administrators and IT professionals managing RAID-managed storage on Linux systems, particularly those concerned with kernel security updates and stability.
  1. CVE-2024-35808: Linux Software RAID DoS Patch and Mitigation Guide

    A high-risk flaw in the Linux kernel’s software RAID code, tracked as CVE-2024-35808, has been quietly fixed upstream and pushed into vendor updates: the md/dm-raid driver called md_reap_sync_thread from raid_message without the necessary synchronization, creating a window where the kernel’s...