Null-pointer Dereference Vulnerability in Linux Kernel Affecting md/raid5
CVE-2025-71135
What is CVE-2025-71135?
A potential null-pointer dereference vulnerability exists in the Linux kernel's md/raid5 subsystem. The issue arises from improper handling of the mddev->private pointer in the raid5_store_group_thread_cnt() function. If that pointer is NULL, subsequent calls to raid5_quiesce() can dereference a NULL pointer, causing undefined behavior or system crashes. The vulnerability has been mitigated by adding a check: when the private configuration pointer is not valid, the function unlocks mddev and returns before calling raid5_quiesce(). This follows the standard practice in similar functions such as raid5_change_consistency_policy().
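The ordering problem described above, as a userspace model added here for illustration; it is not the kernel's code. Every name in it (model_mddev, model_quiesce, store_cnt_before_fix, store_cnt_fixed) is hypothetical, and the -ENODEV return value is an assumption.

```c
/* Userspace model of the check-before-quiesce fix; hypothetical names, not kernel code. */
#include <errno.h>
#include <stddef.h>

struct model_conf  { int quiesced; int group_thread_cnt; };
struct model_mddev { int locked; struct model_conf *private; };

static int  model_lock(struct model_mddev *m)   { m->locked = 1; return 0; }
static void model_unlock(struct model_mddev *m) { m->locked = 0; }

/* Stands in for raid5_quiesce(): dereferences m->private unconditionally. */
static void model_quiesce(struct model_mddev *m, int on) { m->private->quiesced = on; }

/* Ordering described as vulnerable: quiesce runs before private is validated. */
int store_cnt_before_fix(struct model_mddev *m, int cnt)
{
    struct model_conf *conf;
    int err = model_lock(m);
    if (err)
        return err;
    model_quiesce(m, 1);            /* NULL dereference when m->private is NULL */
    conf = m->private;
    if (!conf)
        err = -ENODEV;              /* the check arrives too late */
    else
        conf->group_thread_cnt = cnt;
    model_quiesce(m, 0);
    model_unlock(m);
    return err;
}

/* Fixed ordering: validate private first, unlock and return on failure. */
int store_cnt_fixed(struct model_mddev *m, int cnt)
{
    struct model_conf *conf;
    int err = model_lock(m);
    if (err)
        return err;
    conf = m->private;
    if (!conf) {
        model_unlock(m);            /* do not leave the lock held on early exit */
        return -ENODEV;             /* assumed error code */
    }
    model_quiesce(m, 1);
    conf->group_thread_cnt = cnt;
    model_quiesce(m, 0);
    model_unlock(m);
    return 0;
}
```

The fixed path has to release the lock before its early return; an error path that returns without unlocking would replace the crash with a lock that is never released.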
Affected Version(s)
Linux be19e6e4339d1579d5f2fae8ce4facf9521dbbfc < 20597b7229aea8b5bc45cd92097640257c7fc33b
Linux fa1944bbe6220eb929e2c02e5e8706b908565711
Linux fa1944bbe6220eb929e2c02e5e8706b908565711 < 7ad6ef91d8745d04aff9cce7bdbc6320d8e05fe9