CVE-2026-43163

UNKNOWN 0.0

md/bitmap: fix GPF in write_page caused by resize race

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: md/bitmap: fix GPF in write_page caused by resize race A General Protection Fault occurs in write_page() during array resize: RIP: 0010:write_page+0x22b/0x3c0 [md_mod] This is a use-after-free race between bitmap_daemon_work() and __bitmap_resize(). The daemon iterates over `bitmap->storage.filemap` without locking, while the resize path frees that storage via md_bitmap_file_unmap(). `quiesce()` does not stop the md thread, allowing concurrent access to freed pages. Fix by holding `mddev->bitmap_info.mutex` during the bitmap update.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	May 6, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

d60b479d177a5735b6b4db6ee5280ef6653f50e7 < 140cc839fbeb1ddb33a8da8811b716d88d3905b7 d60b479d177a5735b6b4db6ee5280ef6653f50e7 < ebcacc7ca22d5e8a03a970f0621ae1d1356b9ae8 d60b479d177a5735b6b4db6ee5280ef6653f50e7 < d3af62411e19752c663fe4f424dbf49d95a4cc7c d60b479d177a5735b6b4db6ee5280ef6653f50e7 < d92b8fac294b5f915c50e65ce4ae2262e53614ec d60b479d177a5735b6b4db6ee5280ef6653f50e7 < a437e3bf30e32846079e470c1ba5ee790bccdf89 d60b479d177a5735b6b4db6ee5280ef6653f50e7 < 9a6f8cd28bb9bb6ed86a6df19331fb08016dee7f d60b479d177a5735b6b4db6ee5280ef6653f50e7 < 5f73c8b33df9a605a591eab72d43a969600c1f8c d60b479d177a5735b6b4db6ee5280ef6653f50e7 < 46ef85f854dfa9d5226b3c1c46493d79556c9589

Linux / Linux

3.5

References

NVD ↗ CVE.org ↗ EPSS Data ↗