CVE-2026-53048

EUVD-2026-38916

24.06.2026, 17:17

In the Linux kernel, the following vulnerability has been resolved:

gfs2: prevent NULL pointer dereference during unmount

When flushing out outstanding glock work during an unmount, gfs2_log_flush()
can be called when sdp->sd_jdesc has already been deallocated and sdp->sd_jdesc
is NULL. Commit 35264909e9d1 ("gfs2: Fix NULL pointer dereference in
gfs2_log_flush") added a check for that to gfs2_log_flush() itself, but it
missed the sdp->sd_jdesc dereference in gfs2_log_release(). Fix that.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	UNKNOWN				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 6%

Debian Releases

Debian Product

Codename

linux

bookworm	vulnerable
bookworm (security)	vulnerable
bullseye	5.10.223-1 fixed
bullseye (security)	5.10.257-1 fixed
forky	7.0.12-2 fixed
sid	7.0.13-1 fixed
trixie	vulnerable
trixie (security)	6.12.94-1 fixed

Vulnerability Media Exposure

[GERMAN] Linux Kernel: Mehrere Schwachstellen
Ein entfernter Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um Sicherheitsvorkehrungen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen und weitere, nicht näher spezifizierte Auswirkungen zu erzielen.
Published: 2026-06-24T22:00:00+00:00

References

https://git.kernel.org/stable/c/233a0945a4b1dbe3f38c30afb7d05b76c67f1193

https://git.kernel.org/stable/c/2fc4c868c9060f424fd4a7cacb0aec5082aba4de

https://git.kernel.org/stable/c/74b4dbb946060a3233604d91859a9abd3708141d

https://git.kernel.org/stable/c/abd73229f0e886a91a16ea781ab656bd9b4d1ee8

https://git.kernel.org/stable/c/cec55674354794eddb80b914f73a6bf9b7fc304a

https://git.kernel.org/stable/c/d8ffae016c4a78693fe1283335d0b6833a9c1366

https://git.kernel.org/stable/c/e15f16761594e80b15776980b27c35477655a135