gfs2: prevent NULL pointer dereference during unmount
Summary
| CVE | CVE-2026-53048 |
|---|---|
| State | PUBLISHED |
| Assigner | Linux |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2026-06-24 17:17:16 UTC |
| Updated | 2026-06-24 17:17:16 UTC |
| Description | In the Linux kernel, the following vulnerability has been resolved: gfs2: prevent NULL pointer dereference during unmount When flushing out outstanding glock work during an unmount, gfs2_log_flush() can be called when sdp->sd_jdesc has already been deallocated and sdp->sd_jdesc is NULL. Commit 35264909e9d1 ("gfs2: Fix NULL pointer dereference in gfs2_log_flush") added a check for that to gfs2_log_flush() itself, but it missed the sdp->sd_jdesc dereference in gfs2_log_release(). Fix that. |
Risk And Classification
EPSS: 0.001720000 probability, percentile 0.068960000 (date 2026-06-29)
Vendor Declared Affected Products
| Source | Vendor | Product | Version | Platforms |
|---|---|---|---|---|
| CNA | Linux | Linux | affected c3c5cfa3170c0940bc66a142859caac07d19b9d6 cec55674354794eddb80b914f73a6bf9b7fc304a git | Not specified |
| CNA | Linux | Linux | affected 5f6a84cfb33b34610623857bd93919dcb661e29b 2fc4c868c9060f424fd4a7cacb0aec5082aba4de git | Not specified |
| CNA | Linux | Linux | affected 3429ef5f50909cee9e498c50f0c499b9397116ce 233a0945a4b1dbe3f38c30afb7d05b76c67f1193 git | Not specified |
| CNA | Linux | Linux | affected 35264909e9d1973ab9aaa2a1b07cda70f12bb828 e15f16761594e80b15776980b27c35477655a135 git | Not specified |
| CNA | Linux | Linux | affected 35264909e9d1973ab9aaa2a1b07cda70f12bb828 d8ffae016c4a78693fe1283335d0b6833a9c1366 git | Not specified |
| CNA | Linux | Linux | affected 35264909e9d1973ab9aaa2a1b07cda70f12bb828 abd73229f0e886a91a16ea781ab656bd9b4d1ee8 git | Not specified |
| CNA | Linux | Linux | affected 35264909e9d1973ab9aaa2a1b07cda70f12bb828 74b4dbb946060a3233604d91859a9abd3708141d git | Not specified |
| CNA | Linux | Linux | affected f54f9d5368a4e92ede7dd078a62788dae3a7c6ef git | Not specified |
| CNA | Linux | Linux | affected 5.15.200 5.15.209 semver | Not specified |
| CNA | Linux | Linux | affected 6.1.162 6.1.175 semver | Not specified |
| CNA | Linux | Linux | affected 6.6.37 6.6.141 semver | Not specified |
| CNA | Linux | Linux | affected 6.9.8 6.10 semver | Not specified |
| CNA | Linux | Linux | affected 6.10 | Not specified |
| CNA | Linux | Linux | unaffected 6.10 semver | Not specified |
| CNA | Linux | Linux | unaffected 5.15.209 5.15.* semver | Not specified |
| CNA | Linux | Linux | unaffected 6.1.175 6.1.* semver | Not specified |
| CNA | Linux | Linux | unaffected 6.6.141 6.6.* semver | Not specified |
| CNA | Linux | Linux | unaffected 6.12.91 6.12.* semver | Not specified |
| CNA | Linux | Linux | unaffected 6.18.33 6.18.* semver | Not specified |
| CNA | Linux | Linux | unaffected 7.0.10 7.0.* semver | Not specified |
| CNA | Linux | Linux | unaffected 7.1 * original_commit_for_fix | Not specified |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| git.kernel.org/stable/c/cec55674354794eddb80b914f73a6bf9b7fc304a | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | |
| git.kernel.org/stable/c/233a0945a4b1dbe3f38c30afb7d05b76c67f1193 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | |
| git.kernel.org/stable/c/d8ffae016c4a78693fe1283335d0b6833a9c1366 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | |
| git.kernel.org/stable/c/74b4dbb946060a3233604d91859a9abd3708141d | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | |
| git.kernel.org/stable/c/2fc4c868c9060f424fd4a7cacb0aec5082aba4de | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | |
| git.kernel.org/stable/c/e15f16761594e80b15776980b27c35477655a135 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | |
| git.kernel.org/stable/c/abd73229f0e886a91a16ea781ab656bd9b4d1ee8 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.