Linux Kernel Holder Mismatch Vulnerability in md Export Function

Vulnerability

A vulnerability in the Linux kernel's md (multiple device) management can lead to a holder mismatch warning when exporting device information. This issue arises because the 'claim_rdev' and 'rdev' variables are inconsistently used when managing block devices, particularly when the 'mddev->external' parameter is altered. The vulnerability can be reliably reproduced by creating a new array and continuously adding and removing devices through the sysfs interface, which triggers the warning by causing a mismatch in the expected device handling.
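The holder inconsistency described above, as an added userspace model in C (not kernel code and not part of the original advisory). Only 'claim_rdev', 'rdev' and 'mddev->external' come from the page; the struct layouts, the function names and the `claimed_as_rdev` field are hypothetical, and the "recorded" variant shows one way to keep the holder consistent, not necessarily the upstream fix.

```c
/* Userspace model constructed for illustration; not kernel code. */
#include <stdbool.h>
#include <stdio.h>

struct bdev  { const void *holder; int mismatch_warnings; };
struct mddev { bool external; };
struct rdev  { struct mddev *mddev; struct bdev *bdev; bool claimed_as_rdev; };
static int claim_rdev;  /* stand-in for the shared 'claim_rdev' holder */

static const void *holder_for(const struct rdev *r, bool use_rdev)
{
    return use_rdev ? (const void *)r : (const void *)&claim_rdev;
}

/* Claim the device; the holder choice follows mddev->external at this moment. */
static void import_rdev(struct rdev *r)
{
    r->claimed_as_rdev = r->mddev->external;
    r->bdev->holder = holder_for(r, r->claimed_as_rdev);
}

/* Release with the given holder; a holder other than the claimant is a mismatch. */
static void release(struct bdev *b, const void *holder)
{
    if (b->holder != holder)
        b->mismatch_warnings++;  /* models the holder mismatch warning */
    b->holder = NULL;
}

/* Mismatch-prone: re-derives the holder from a flag that may have changed. */
static void export_rederive(struct rdev *r) { release(r->bdev, holder_for(r, r->mddev->external)); }
/* Consistent: uses the choice recorded when the device was claimed. */
static void export_recorded(struct rdev *r) { release(r->bdev, holder_for(r, r->claimed_as_rdev)); }

/* Add a device, change 'external' while it is claimed, then remove it. */
int warnings_after_flip(bool use_recorded)
{
    struct mddev md = { .external = false };
    struct bdev bd = { NULL, 0 };
    struct rdev rd = { &md, &bd, false };
    import_rdev(&rd);
    md.external = true;
    if (use_recorded) export_recorded(&rd); else export_rederive(&rd);
    return bd.mismatch_warnings;
}

int main(void) { printf("re-derived: %d, recorded: %d\n", warnings_after_flip(false), warnings_after_flip(true)); return 0; }
```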

Impact

Exploitation of this vulnerability causes a warning to be generated, indicating a holder mismatch in the block device management. This could potentially lead to improper handling of block devices, although the warning itself may not cause direct harm.

Reproduction

The vulnerability can be reproduced by creating a new md array and then adding and removing devices through the sysfs interface. This can be done by writing to the appropriate sysfs entries for the md array and the devices, which will trigger the holder mismatch warning.

Remediation

Users can update to the latest version of the Linux kernel where this vulnerability has been addressed.

Added: Dec 9, 2025, 1:53 AM
Updated: Dec 9, 2025, 1:53 AM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 0.6
exploitability: 3.9
remediation: 7.7
relevance: 1.3
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.