CVE-2024-23307

md/raid5: fix atomicity violation in raid5_cache_count

References

https://bugzilla.openanolis.cn/show_bug.cgi?id=7975

Notes

 carnil> CVE description reads as "Integer Overflow or Wraparound
 carnil> vulnerability in Linux Linux kernel kernel on Linux, x86, ARM
 carnil> (md, raid, raid5 modules) allows Forced Integer Overflow."
 carnil> which indicates together with the affected version (from v4.1-
 carnil> rc1 before v6.8-rc1), that it is a upstream Linux kernel issue.
 carnil> To date (2024-01-25) the OpenAnolis is restricted.

Bugs

Status

Branch	Status
4.19-buster-security	unknown
4.19-upstream-stable	unknown
5.10-bullseye-security	unknown
5.10-upstream-stable	unknown
6.1-bookworm-security	unknown
6.1-upstream-stable	unknown
6.6-upstream-stable	unknown
6.8-upstream-stable	unknown
sid	unknown
upstream	released (6.9-rc1) [dfd2bf436709b2bccb78c2dda550dde93700efa7]