CVE-2025-40242

Linux Kernel 5.15.0-6.12.55, 6.13.0-6.17.5, and specific commits - Use-After-Free in gdlm_put_lock

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix unlikely race in gdlm_put_lock In gdlm_put_lock(), there is a small window of time in which the DFL_UNMOUNT flag has been set but the lockspace hasn't been released, yet. In that window, dlm may still call gdlm_ast() and gdlm_bast(). To prevent it from dereferencing freed glock objects, only free the glock if the lockspace has actually been released.

References (5)

Core 5

Core References

https://git.kernel.org/stable/c/5fdc1474e678eea1700aa266c0b7c2c96f81dd0d

https://git.kernel.org/stable/c/4913592a3358f6ec366b8346b733d5e2360b08e1

Patch

https://git.kernel.org/stable/c/279bde3bbb0ac0bad5c729dfa85983d75a5d7641

Patch

https://git.kernel.org/stable/c/64c61b4ac645222fa7b724cef616c1f862a72a40

Patch

https://git.kernel.org/stable/c/28c4d9bc0708956c1a736a9e49fee71b65deee81

Scores

EPSS 0.0003

EPSS Percentile 9.0%

Details

Status published

Products (30)

linux/Kernel 5.15.0 - 6.12.56linux

linux/Kernel 6.13.0 - 6.17.6linux

Linux/Linux < 5.15

Linux/Linux 01eb3106f43335fdc02111358dae80a5c3fd324d

Linux/Linux 02e838963fdaa6ce8570b5389aecdc6cf1fb40b0

Linux/Linux 2225a5cd2fbc2ef0e0f78e585db3844f60416a39

Linux/Linux 3554b46204e67333e1fb8be0e93936fb08267c80

Linux/Linux 4.14.247 - 4.15

Linux/Linux 4.19.207 - 4.20

Linux/Linux 4.4.284 - 4.5

... and 20 more

Published Dec 04, 2025

Tracked Since Feb 18, 2026