CVE-2026-45955

HIGH

md/md-llbitmap: fix percpu_ref not resurrected on suspend timeout

Title source: cna
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: md/md-llbitmap: fix percpu_ref not resurrected on suspend timeout When llbitmap_suspend_timeout() times out waiting for percpu_ref to become zero, it returns -ETIMEDOUT without resurrecting the percpu_ref. The caller (md_llbitmap_daemon_fn) then continues to the next page without calling llbitmap_resume(), leaving the percpu_ref in a killed state permanently. Fix this by resurrecting the percpu_ref before returning the error, ensuring the page control structure remains usable for subsequent operations.

Scores

CVSS v3 7.1
EPSS 0.0012
EPSS Percentile 2.5%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Details

Status published
Products (11)
linux/Kernel 6.18.0 - 6.18.14linux
linux/Kernel 6.19.0 - 6.19.4linux
Linux/Linux < 6.18
Linux/Linux 5ab829f1971dc99f2aac10846c378e67fc875abc - 095417d6b669c2dec39a5842ccb94df915f97f54
Linux/Linux 5ab829f1971dc99f2aac10846c378e67fc875abc - 2446d099350185caeed19ab2c0270451a97296fb
Linux/Linux 5ab829f1971dc99f2aac10846c378e67fc875abc - d119bd2e1643cc023210ff3c6f0657e4f914e71d
Linux/Linux 6.18
Linux/Linux 6.18.14 - 6.18.*
Linux/Linux 6.19.4 - 6.19.*
Linux/Linux 7.0
... and 1 more
Published May 27, 2026
Tracked Since May 27, 2026