{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T01:28:08.671","vulnerabilities":[{"cve":{"id":"CVE-2024-45023","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2024-09-11T16:15:07.230","lastModified":"2024-09-13T16:30:30.427","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid1: Fix data corruption for degraded array with slow disk\n\nread_balance() will avoid reading from slow disks as much as possible,\nhowever, if valid data only lands in slow disks, and a new normal disk\nis still in recovery, unrecovered data can be read:\n\nraid1_read_request\n read_balance\n  raid1_should_read_first\n  -> return false\n  choose_best_rdev\n  -> normal disk is not recovered, return -1\n  choose_bb_rdev\n  -> missing the checking of recovery, return the normal disk\n -> read unrecovered data\n\nRoot cause is that the checking of recovery is missing in\nchoose_bb_rdev(). Hence add such checking to fix the problem.\n\nAlso fix similar problem in choose_slow_rdev()."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: md/raid1: Reparar la corrupción de datos para la matriz degradada con disco lento read_balance() evitará la lectura de discos lentos tanto como sea posible, sin embargo, si los datos válidos solo llegan a discos lentos, y un nuevo disco normal aún está en recuperación, se pueden leer los datos no recuperados: raid1_read_request read_balance raid1_should_read_first -> return false choose_best_rdev -> no se recupera el disco normal, devuelve -1 choose_bb_rdev -> falta la comprobación de recuperación, devuelve el disco normal -> leer datos no recuperados La causa raíz es que falta la comprobación de recuperación en choose_bb_rdev(). Por lo tanto, agregue dicha comprobación para solucionar el problema. También solucione un problema similar en choose_slow_rdev()."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.2}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.9","versionEndExcluding":"6.10.7","matchCriteriaId":"E94ACAFB-7FD4-4D6C-B1EF-5ACFEF7D85D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*","matchCriteriaId":"8B3CE743-2126-47A3-8B7C-822B502CF119"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*","matchCriteriaId":"4DEB27E7-30AA-45CC-8934-B89263EF3551"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*","matchCriteriaId":"E0005AEF-856E-47EB-BFE4-90C46899394D"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/2febf5fdbf5d9a52ddc3e986971c8609b1582d67","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c916ca35308d3187c9928664f9be249b22a3a701","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}}]}