Linux Kernel RAID5 Component Soft Lockup Vulnerability in Aligned Read Retry Process

Vulnerability

A vulnerability in the Linux kernel's RAID5 handling, now fixed, caused a soft lockup: retrying an aligned read operation could enter an infinite loop. The issue occurred when the 'retry_aligned_read()' function encountered an overlapped stripe. The function released the stripe, but the subsequent processing loop failed to handle the overlap, leading to a deadlock. The vulnerability affected the Linux kernel's stable releases.

Impact

The vulnerability caused a soft lockup, where the system became unresponsive due to an infinite loop that prevented normal processing from occurring.
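One way to triage kernel logs for this condition is shown below. It is an added example, not code from the advisory or the kernel project. It assumes the kernel watchdog's usual "BUG: soft lockup" report format and an md worker thread named like `md0_raid5`; the sample log lines are constructed.

```python
import re

# Constructed sample kernel log (not from a real system); offsets and PIDs are invented.
SAMPLE_LOG = """\
[ 1201.100000] md/raid:md0: raid level 5 active with 3 out of 3 devices
[ 1288.412345] watchdog: BUG: soft lockup - CPU#2 stuck for 26s! [md0_raid5:1423]
[ 1288.412400] Call Trace:
[ 1288.412410]  <TASK>
[ 1288.412420]  retry_aligned_read+0x1a0/0x4f0 [raid456]
[ 1288.412430]  raid5d+0x2c1/0x5e0 [raid456]
[ 1288.412440]  md_thread+0xa8/0x160
[ 1288.412450]  </TASK>
[ 1300.000000] watchdog: BUG: soft lockup - CPU#0 stuck for 22s! [kworker/0:1:77]
[ 1300.000100] Call Trace:
[ 1300.000200]  some_driver_poll+0x10/0x40
"""

# Watchdog report header: CPU number, stuck duration, task name and PID.
LOCKUP = re.compile(r"BUG: soft lockup - CPU#(\d+) stuck for (\d+)s! \[(.+):(\d+)\]")
# One call-trace frame: symbol+0xoffset/0xsize, optionally prefixed by "? ".
FRAME = re.compile(r"\]\s+(?:\? )?([A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+")
# Assumption: the RAID5 worker thread is named <array>_raid5, e.g. md0_raid5.
RAID5_TASK = re.compile(r"_raid5$")

def find_lockups(log_text):
    """Return one dict per soft-lockup report, with the trace frames that follow it."""
    reports, current = [], None
    for line in log_text.splitlines():
        m = LOCKUP.search(line)
        if m:
            current = {"cpu": int(m[1]), "stuck_s": int(m[2]),
                       "task": m[3], "pid": int(m[4]), "frames": []}
            reports.append(current)
            continue
        f = FRAME.search(line)
        if current is not None and f:
            current["frames"].append(f[1])
    return reports

def matches_raid5_retry(report):
    """True when a RAID5 worker is stuck with retry_aligned_read in its call trace."""
    return bool(RAID5_TASK.search(report["task"])) and "retry_aligned_read" in report["frames"]

if __name__ == "__main__":
    for r in find_lockups(SAMPLE_LOG):
        verdict = "RAID5 retry lockup" if matches_raid5_retry(r) else "other lockup"
        print(f"CPU#{r['cpu']} {r['task']}[{r['pid']}] stuck {r['stuck_s']}s: {verdict}")
```

Frames are attributed to the most recent lockup header, so interleaved traces from several CPUs should be reviewed by hand.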

Reproduction

The vulnerability can be reproduced by configuring a RAID5 array in the Linux kernel and performing I/O operations that create overlapped stripes. The 'retry_aligned_read()' function will then encounter the overlap and trigger the soft lockup by removing the stripe from the handling list before it can be processed, causing the infinite loop.

Remediation

Users can upgrade to the latest stable version of the Linux kernel, where this vulnerability has been fixed. Instructions for downloading the latest version can be found on the official Linux kernel website.

Added: May 27, 2026, 9:37 PM
Updated: May 27, 2026, 9:37 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 2.5
exploitability: 3.9
remediation: 7.7
relevance: 9.7
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.