VYPR
Medium severity5.5NVD Advisory· Published Jul 25, 2025· Updated Jun 17, 2026

CVE-2025-38451

CVE-2025-38451

Description

In the Linux kernel, the following vulnerability has been resolved:

md/md-bitmap: fix GPF in bitmap_get_stats()

The commit message of commit 6ec1f0239485 ("md/md-bitmap: fix stats collection for external bitmaps") states:

Remove the external bitmap check as the statistics should be available regardless of bitmap storage location.

Return -EINVAL only for invalid bitmap with no storage (neither in superblock nor in external file).

But, the code does not adhere to the above, as it does only check for a valid super-block for "internal" bitmaps. Hence, we observe:

Oops: GPF, probably for non-canonical address 0x1cd66f1f40000028 RIP: 0010:bitmap_get_stats+0x45/0xd0 Call Trace:

seq_read_iter+0x2b9/0x46a seq_read+0x12f/0x180 proc_reg_read+0x57/0xb0 vfs_read+0xf6/0x380 ksys_read+0x6d/0xf0 do_syscall_64+0x8c/0x1b0 entry_SYSCALL_64_after_hwframe+0x76/0x7e

We fix this by checking the existence of a super-block for both the internal and external case.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

53

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.