Volerion logoVolerion
Volerion logoVolerion

Linux Kernel RAID10 Memory Leak Vulnerability in Request Handling

Vulnerability

A memory leak vulnerability has been identified in the Linux kernel's RAID10 implementation. When the RAID10 read or write request functions register a new request with the REQ_NOWAIT flag set, the allocated memory is not properly freed. This issue leads to unreferenced memory objects, causing a potential memory leak. The vulnerability has been addressed in the Linux kernel stable tree.

Impact

Exploitation of this vulnerability leads to a memory leak, where allocated memory is not properly released, potentially causing increased memory usage and degradation of system performance over time.

Reproduction

The vulnerability can be reproduced by using the 'fio' tool to send read or write requests to a RAID10 array with the REQ_NOWAIT flag enabled. The RAID10 request handling code will allocate memory for the request but fail to free it, leading to a memory leak.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed.

Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm
spread
9.0
impact
2.5
exploitability
4.3
remediation
7.7
relevance
0.3
threat
4.8
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.