CVE-2025-71135

Published: Jan 14, 2026

Modified: May 23, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix possible null-pointer dereferences in raid5_store_group_thread_cnt() The variable mddev->private is first assigned to conf and then checked: conf = mddev->private; if (!conf) ... If conf is NULL, then mddev->private is also NULL. In this case, null-pointer dereferences can occur when calling raid5_quiesce(): raid5_quiesce(mddev, true); raid5_quiesce(mddev, false); since mddev->private is assigned to conf again in raid5_quiesce(), and conf is dereferenced in several places, for example: conf->quiesce = 0; wake_up(&conf->wait_for_quiescent); To fix this issue, the function should unlock mddev and return before invoking raid5_quiesce() when conf is NULL, following the existing pattern in raid5_change_consistency_policy().

Vendor	Product	Versions
Linux	Linux	affected `be19e6e4339d1579d5f2fae8ce4facf9521dbbfc - < 20597b7229aea8b5bc45cd92097640257c7fc33b` affected `fa1944bbe6220eb929e2c02e5e8706b908565711 - < e5abb6af905de6b2fead8a0b3f32ab0b81468a01` affected `fa1944bbe6220eb929e2c02e5e8706b908565711 - < 7ad6ef91d8745d04aff9cce7bdbc6320d8e05fe9` affected `6.12.4 - < 6.12.64`
Linux	Linux	affected `6.13` unaffected `0 - < 6.13` unaffected `6.12.64 - <= 6.12.` unaffected `6.18.4 - <= 6.18.` unaffected `6.19 - <= *`

References

https://git.kernel.org/stable/c/20597b7229aea8b5bc45cd92097640257c7fc33b

https://git.kernel.org/stable/c/e5abb6af905de6b2fead8a0b3f32ab0b81468a01

https://git.kernel.org/stable/c/7ad6ef91d8745d04aff9cce7bdbc6320d8e05fe9

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-71135

Description

Affected Products

References