CVE-2025-40242

In the Linux kernel, the following vulnerability has been resolved:

gfs2: Fix unlikely race in gdlm_put_lock

In gdlm_put_lock(), there is a small window of time in which the
DFL_UNMOUNT flag has been set but the lockspace hasn't been released,
yet.  In that window, dlm may still call gdlm_ast() and gdlm_bast().
To prevent it from dereferencing freed glock objects, only free the
glock if the lockspace has actually been released.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
LinuxCNA
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 5%
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
vulnerable
bullseye (security)
vulnerable
bookworm
vulnerable
bookworm (security)
vulnerable
trixie
6.12.63-1
fixed
trixie (security)
vulnerable
forky
6.17.13-1
fixed
sid
6.18.5-1
fixed
Vulnerability Media Exposure
References
https://git.kernel.org/stable/c/279bde3bbb0ac0bad5c729dfa85983d75a5d7641
https://git.kernel.org/stable/c/28c4d9bc0708956c1a736a9e49fee71b65deee81
https://git.kernel.org/stable/c/64c61b4ac645222fa7b724cef616c1f862a72a40