Linux Kernel RAID5 Double Free Vulnerability in Bad Block Handling

Vulnerability

A vulnerability in the Linux kernel's RAID5 implementation can lead to a double free error when handling chunk-sized reads on disks with bad blocks. This issue arises from an unnecessary bio_put() call in the raid5_read_one_chunk() function, which was introduced after the bad block check was moved. The vulnerability affects the Linux kernel stable tree, specifically in the RAID5 module.

Impact

The vulnerability causes a double free error, where a memory object is freed twice, leading to potential memory corruption.

Reproduction

The vulnerability can be reproduced by performing chunk-sized read operations on RAID5 arrays that include disks with bad blocks. Such reads trigger the bad block handling routine, which incorrectly frees the bio structure, causing a double free error.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed.
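
To prioritize that upgrade, the following added example (not part of the original advisory or of the kernel source) lists RAID5 md arrays whose member devices have recorded bad blocks, which is the precondition described under Reproduction. It reads the md sysfs attributes level and dev-*/bad_blocks. The function name and its optional sysfs-root argument are assumptions of this example.

```shell
#!/bin/sh
# Added example: report RAID5 md arrays that have members with recorded
# bad blocks. Output: one line per affected member,
#   <array> <member> <bad-block ranges> <total bad sectors>
# The optional first argument (sysfs root, default /sys) is an assumption
# of this example so the function can be run against a constructed tree.

raid5_badblock_members() {
    root="${1:-/sys}"
    for md in "$root"/block/md*/md; do
        # Skip anything that is not an md array with a readable level.
        [ -r "$md/level" ] || continue
        level=$(cat "$md/level")
        [ "$level" = "raid5" ] || continue
        array=$(basename "$(dirname "$md")")

        for bb in "$md"/dev-*/bad_blocks; do
            # Unreadable or missing file: nothing to report for this member.
            [ -r "$bb" ] || continue
            member=$(basename "$(dirname "$bb")")
            # Each line of bad_blocks is "<start sector> <length in sectors>".
            # An empty file means the member has no recorded bad blocks.
            awk -v a="$array" -v m="${member#dev-}" '
                NF >= 2 { n++; s += $2 }
                END { if (n) print a, m, n, s }
            ' "$bb"
        done
    done
    return 0
}

# Stand-alone use: scan the live system (bad_blocks may require root).
raid5_badblock_members "${SYSFS_ROOT:-/sys}"
```

An array listed here meets the precondition only; whether the running kernel contains the fix has to be checked against the distribution's kernel changelog.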

Added: Dec 24, 2025, 5:15 PM
Updated: Dec 24, 2025, 5:15 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 0.6
exploitability: 5.7
remediation: 7.7
relevance: 1.6
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.