CVE-2025-40242

In gdlmputlock(), there is a small window of time in which the DFLUNMOUNT flag has been set but the lockspace hasn't been released, yet. In that window, dlm may still call gdlmast() and gdlm_bast(). To prevent it from dereferencing freed glock objects, only free the glock if the lockspace has actually been released.

Database specific

{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/40xxx/CVE-2025-40242.json"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

d1340f80f0b8066321b499a376780da00560e857

Fixed

279bde3bbb0ac0bad5c729dfa85983d75a5d7641

Fixed

64c61b4ac645222fa7b724cef616c1f862a72a40

Fixed

28c4d9bc0708956c1a736a9e49fee71b65deee81

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

6aa628c45875e7b8cca81ed9447a12a0e8f3504a

Last affected

a97e75203733be0a4263a78fb7b29352be150c1c

Last affected

3554b46204e67333e1fb8be0e93936fb08267c80

Last affected

5cff77b9827a956d076168b56775aad23bce87e4

Last affected

8deedce385d220f90e435f534d71d27526273515

Last affected

2225a5cd2fbc2ef0e0f78e585db3844f60416a39

Last affected

02e838963fdaa6ce8570b5389aecdc6cf1fb40b0

Last affected

01eb3106f43335fdc02111358dae80a5c3fd324d

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-40242.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

5.15.0

Fixed

6.12.56

Type: ECOSYSTEM
Events: Introduced

6.13.0

Fixed

6.17.6

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-40242.json"