CVE-2026-45953
Analyzed Analyzed - Analysis Complete
md/raid5 IO Hang Due to Missing Bitmap Check in Linux Kernel

Publication date: 2026-05-27

Last updated on: 2026-06-16

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix IO hang with degraded array with llbitmap When llbitmap bit state is still unwritten, any new write should force rcw, as bitmap_ops->blocks_synced() is checked in handle_stripe_dirtying(). However, later the same check is missing in need_this_block(), causing stripe to deadloop during handling because handle_stripe() will decide to go to handle_stripe_fill(), meanwhile need_this_block() always return 0 and nothing is handled.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-27
Last Modified
2026-06-16
Generated
2026-06-16
AI Q&A
2026-05-27
EPSS Evaluated
2026-06-15
NVD
CVE-2026-45953
EUVD
EUVD-2026-32237
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
linux linux_kernel From 6.19 (inc) to 6.19.4 (exc)
linux linux_kernel From 6.18 (inc) to 6.18.14 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the Linux kernel's md/raid5 subsystem. It involves an issue with the handling of the llbitmap bit state during write operations on a degraded RAID 5 array. Specifically, when the llbitmap bit state is still unwritten, new writes should force a read-modify-write cycle (rcw) because the system checks if blocks are synced in handle_stripe_dirtying(). However, a similar check is missing later in the need_this_block() function. This causes the stripe handling process to enter a deadloop, as handle_stripe() attempts to proceed to handle_stripe_fill(), but need_this_block() always returns 0, resulting in no progress.

Impact Analysis

This vulnerability can cause an IO hang in systems using degraded RAID 5 arrays in the Linux kernel. The deadloop in stripe handling means that write operations may stall indefinitely, potentially leading to system performance degradation, data unavailability, or system instability during RAID 5 degraded mode operations.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-45953. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart