Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

Vulnerability Intelligence

Customers

CVE-2021-46950 | Mondoo Vulnerability Intelligence

Vulnerability IntelligenceCVE-2021-46950

CVE-2021-46950

HIGH7.8

md/raid1: properly indicate failure when ending a failed write request

Published Feb 27, 2024

Modified 10 months ago

Details

In the Linux kernel, the following vulnerability has been resolved:

md/raid1: properly indicate failure when ending a failed write request

This patch addresses a data corruption bug in raid1 arrays using bitmaps. Without this fix, the bitmap bits for the failed I/O end up being cleared.

Since we are in the failure leg of raid1_end_write_request, the request either needs to be retried (R1BIO_WriteError) or failed (R1BIO_Degraded).

References

WEB

https://git.kernel.org/stable/c/12216d0919b64ee2ea5dc7a50e455670f44383d5

WEB

https://git.kernel.org/stable/c/2417b9869b81882ab90fd5ed1081a1cb2d4db1dd

WEB

https://git.kernel.org/stable/c/538244fba59fde17186322776247cd9c05be86dd

WEB

https://git.kernel.org/stable/c/59452e551784b7a57a45d971727e9db63b192515

WEB

https://git.kernel.org/stable/c/661061a45e32d8b2cc0e306da9f169ad44011382

WEB

https://git.kernel.org/stable/c/6920cef604fa57f9409e3960413e9cc11f5c5a40

WEB

https://git.kernel.org/stable/c/a6e17cab00fc5bf85472434c52ac751426257c6f

ADVISORY

https://www.cve.org/CVERecord?id=CVE-2021-46950

CVSS Analysis

CVSS v3.1

7.8

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

UnchangedS:U

Impact

Confidentiality

HighC:H

Integrity

HighI:H

Availability

HighA:H

7.8/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Ecosystems

Timeline

PublishedFeb 27, 2024

ModifiedMay 7, 2025