CVE-2024-45023 Information

Description

In the Linux kernel the following vulnerability has been resolved:

md/raid1: Fix data corruption for degraded array with slow disk

read_balance() will avoid reading from slow disks as much as possible however if valid data only lands in slow disks and a new normal disk is still in recovery unrecovered data can be read:

raid1_read_request read_balance raid1_should_read_first -> return false choose_best_rdev -> normal disk is not recovered return -1 choose_bb_rdev -> missing the checking of recovery return the normal disk -> read unrecovered data

Root cause is that the checking of recovery is missing in choose_bb_rdev(). Hence add such checking to fix the problem.

Also fix similar problem in choose_slow_rdev().

Reference

https://git.kernel.org/stable/c/2febf5fdbf5d9a52ddc3e986971c8609b1582d67 https://git.kernel.org/stable/c/c916ca35308d3187c9928664f9be249b22a3a701