Linux Kernel Bitmap Synchronization Vulnerability Leading to General Protection Fault

A vulnerability in the Linux kernel's MD (multiple device) subsystem has been addressed. The issue arose in the MD bitmap handling, where the 'sync_size' was added to the bitmap statistics structure. This change introduced a general protection fault, likely due to a non-canonical address, because the 'bitmap_get_stats()' function could be called at any time if the MD device was still present, even if the bitmap was destroyed or not fully initialized. This situation could lead to dereferencing a bitmap that caused a kernel crash. The vulnerability was exacerbated by the fact that the modified code began to dereference the bitmap's storage, making the issue easier to trigger. The vulnerability has been fixed by adding a mutex lock to synchronize access to the bitmap statistics, preventing the 'bitmap_get_stats()' function from being called improperly.

Impact

Exploitation of this vulnerability could lead to a general protection fault, causing a kernel panic and crashing the system.