CVE-2024-50109 Information

Description

In the Linux kernel the following vulnerability has been resolved:

md/raid10: fix null ptr dereference in raid10_size()

In raid10_run() if raid10_set_queue_limits() succeed the return value is set to zero and if following procedures failed raid10_run() will return zero while mddev->private is still NULL causing null ptr dereference in raid10_size().

Fix the problem by only overwrite the return value if raid10_set_queue_limits() failed.

Reference

https://git.kernel.org/stable/c/b3054db2fd2d35f2eb3b4b5fb1407792f465391c https://git.kernel.org/stable/c/825711e00117fc686ab89ac36a9a7b252dc349c6