I reported a few months back now about a pretty severe bug that affected QNAP NAS devices and it caused RAID corruption if you had a failed disk in it. In that post I mentioned also that I had heard other NAS users also hit by it and at least one user reporting Synology NAS units affected. I’ve still not played with Synology units, so don’t speak first hand about it.
It has now been confirmed that NAS vendor Synology has tested and found it too was vulnerable to the same issue. Last week they released this forum post to describe a firmware update available. They reveal that the root cause of the issue is linked to a core linux function called skip_copy which is designed to improve performance during failed RAID environments. In the post they state that they believe this issue will only affect a handful of users, which is really dependent on if you do or do not have a drive fail in your RAID array. If you have any firmware lower than DSM 6.1.3 Update 4, then get into upgrading ASAP or else your data will be at risk if you have a drive failure.
The Synology posts shows these models affected
- 17 series: RS18017xs+, RS4017xs+, RS3617xs+, RS3617xs, RS3617RPxs, DS3617xs, DS1817+, DS1817, DS1517+, DS1517
- 16 series: RS18016xs+, RS2416+, RS2416RP+, RS816, DS916+, DS716+II, DS716+, DS416play, DS416slim, DS416j, DS416
- 15 series: RS815+, RS815RP+, RS815, RC18015xs+, DS3615xs, DS2415+, DS2015xs, DS1815+, DS1515+, DS1515, DS715, DS415+, DS415play
- 14 series: RS3614xs+, RS3614xs, RS3614RPxs, RS2414+, RS2414RP+, RS814+, RS814RP+, RS814, RS214, DS414slim, DS414j, DS414
- 13 series: RS10613xs+, RS3413xs+, DS2413+, DS1813+, DS1513+, DS713+, DS413j, DS413
- 12 series: RS3412xs, RS3412RPxs, RS2212+, RS2212RP+, RS812+, RS812RP+, RS812, DS3612xs, DS1812+, DS1512+, DS712+, DS412+
- 11 series: RS3411xs, RS3411RPxs, RS2211+, RS2211RP+, RS411, DS3611xs, DS2411+, DS1511+, DS411+II, DS411+, DS411slim, DS411j, DS411
I’m concerned that vendors we trust our data storage requirements to appear to consider an issue that can affect data integrity with such low regard. QNAP responded at the time with a raft of changes to ensure that they communicated clearly the issue and how to resolve it and I applaud them for it. So far, Synology have done a forum post to reveal what I would consider to be a significant issue for data integrity. I don’t yet know what other means they have done to notify users of this issue.
EDIT 15/9 – Thanks to Kieran Murphy – it looks like an email went out to users of the Synology devices around the same time as the forum post went up.
Anyway – please – go get the update and protect yourself ASAP.
Thanks go to Trevor Harte for letting me know about the post in the first place, I was looking out for more vendors as I had information suggesting it would affect more, but have yet to see anything.