{"api_version":"1","generated_at":"2026-04-11T20:38:56+00:00","cve":"CVE-2025-40242","urls":{"html":"https://cve.report/CVE-2025-40242","api":"https://cve.report/api/cve/CVE-2025-40242.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2025-40242","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2025-40242"},"summary":{"title":"gfs2: Fix unlikely race in gdlm_put_lock","description":"In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: Fix unlikely race in gdlm_put_lock\n\nIn gdlm_put_lock(), there is a small window of time in which the\nDFL_UNMOUNT flag has been set but the lockspace hasn't been released,\nyet.  In that window, dlm may still call gdlm_ast() and gdlm_bast().\nTo prevent it from dereferencing freed glock objects, only free the\nglock if the lockspace has actually been released.","state":"PUBLISHED","assigner":"Linux","published_at":"2025-12-04 16:16:17","updated_at":"2026-04-11 13:16:35"},"problem_types":[],"metrics":[],"references":[{"url":"https://git.kernel.org/stable/c/4913592a3358f6ec366b8346b733d5e2360b08e1","name":"https://git.kernel.org/stable/c/4913592a3358f6ec366b8346b733d5e2360b08e1","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/64c61b4ac645222fa7b724cef616c1f862a72a40","name":"https://git.kernel.org/stable/c/64c61b4ac645222fa7b724cef616c1f862a72a40","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/279bde3bbb0ac0bad5c729dfa85983d75a5d7641","name":"https://git.kernel.org/stable/c/279bde3bbb0ac0bad5c729dfa85983d75a5d7641","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/28c4d9bc0708956c1a736a9e49fee71b65deee81","name":"https://git.kernel.org/stable/c/28c4d9bc0708956c1a736a9e49fee71b65deee81","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/5fdc1474e678eea1700aa266c0b7c2c96f81dd0d","name":"https://git.kernel.org/stable/c/5fdc1474e678eea1700aa266c0b7c2c96f81dd0d","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2025-40242","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40242","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected d1340f80f0b8066321b499a376780da00560e857 5fdc1474e678eea1700aa266c0b7c2c96f81dd0d git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected d1340f80f0b8066321b499a376780da00560e857 4913592a3358f6ec366b8346b733d5e2360b08e1 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected d1340f80f0b8066321b499a376780da00560e857 279bde3bbb0ac0bad5c729dfa85983d75a5d7641 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected d1340f80f0b8066321b499a376780da00560e857 64c61b4ac645222fa7b724cef616c1f862a72a40 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected d1340f80f0b8066321b499a376780da00560e857 28c4d9bc0708956c1a736a9e49fee71b65deee81 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 6aa628c45875e7b8cca81ed9447a12a0e8f3504a git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected a97e75203733be0a4263a78fb7b29352be150c1c git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 3554b46204e67333e1fb8be0e93936fb08267c80 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 5cff77b9827a956d076168b56775aad23bce87e4 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 8deedce385d220f90e435f534d71d27526273515 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 2225a5cd2fbc2ef0e0f78e585db3844f60416a39 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 02e838963fdaa6ce8570b5389aecdc6cf1fb40b0 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 01eb3106f43335fdc02111358dae80a5c3fd324d git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 5.15","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 5.15 semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.1.168 6.1.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.6.131 6.6.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.12.56 6.12.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.17.6 6.17.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.18 * original_commit_for_fix","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2025","cve_id":"40242","cve":"CVE-2025-40242","epss":"0.000340000","percentile":"0.099190000","score_date":"2026-04-07","updated_at":"2026-04-08 00:03:40"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"Linux","programFiles":["fs/gfs2/lock_dlm.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","vendor":"Linux","versions":[{"lessThan":"5fdc1474e678eea1700aa266c0b7c2c96f81dd0d","status":"affected","version":"d1340f80f0b8066321b499a376780da00560e857","versionType":"git"},{"lessThan":"4913592a3358f6ec366b8346b733d5e2360b08e1","status":"affected","version":"d1340f80f0b8066321b499a376780da00560e857","versionType":"git"},{"lessThan":"279bde3bbb0ac0bad5c729dfa85983d75a5d7641","status":"affected","version":"d1340f80f0b8066321b499a376780da00560e857","versionType":"git"},{"lessThan":"64c61b4ac645222fa7b724cef616c1f862a72a40","status":"affected","version":"d1340f80f0b8066321b499a376780da00560e857","versionType":"git"},{"lessThan":"28c4d9bc0708956c1a736a9e49fee71b65deee81","status":"affected","version":"d1340f80f0b8066321b499a376780da00560e857","versionType":"git"},{"status":"affected","version":"6aa628c45875e7b8cca81ed9447a12a0e8f3504a","versionType":"git"},{"status":"affected","version":"a97e75203733be0a4263a78fb7b29352be150c1c","versionType":"git"},{"status":"affected","version":"3554b46204e67333e1fb8be0e93936fb08267c80","versionType":"git"},{"status":"affected","version":"5cff77b9827a956d076168b56775aad23bce87e4","versionType":"git"},{"status":"affected","version":"8deedce385d220f90e435f534d71d27526273515","versionType":"git"},{"status":"affected","version":"2225a5cd2fbc2ef0e0f78e585db3844f60416a39","versionType":"git"},{"status":"affected","version":"02e838963fdaa6ce8570b5389aecdc6cf1fb40b0","versionType":"git"},{"status":"affected","version":"01eb3106f43335fdc02111358dae80a5c3fd324d","versionType":"git"}]},{"defaultStatus":"affected","product":"Linux","programFiles":["fs/gfs2/lock_dlm.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","vendor":"Linux","versions":[{"status":"affected","version":"5.15"},{"lessThan":"5.15","status":"unaffected","version":"0","versionType":"semver"},{"lessThanOrEqual":"6.1.*","status":"unaffected","version":"6.1.168","versionType":"semver"},{"lessThanOrEqual":"6.6.*","status":"unaffected","version":"6.6.131","versionType":"semver"},{"lessThanOrEqual":"6.12.*","status":"unaffected","version":"6.12.56","versionType":"semver"},{"lessThanOrEqual":"6.17.*","status":"unaffected","version":"6.17.6","versionType":"semver"},{"lessThanOrEqual":"*","status":"unaffected","version":"6.18","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"cpeMatch":[{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.1.168","versionStartIncluding":"5.15","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.6.131","versionStartIncluding":"5.15","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.12.56","versionStartIncluding":"5.15","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.17.6","versionStartIncluding":"5.15","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.18","versionStartIncluding":"5.15","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4.284","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.9.283","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14.247","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19.207","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4.148","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.10.67","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.13.19","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.14.6","vulnerable":true}],"negate":false,"operator":"OR"}]}],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: Fix unlikely race in gdlm_put_lock\n\nIn gdlm_put_lock(), there is a small window of time in which the\nDFL_UNMOUNT flag has been set but the lockspace hasn't been released,\nyet.  In that window, dlm may still call gdlm_ast() and gdlm_bast().\nTo prevent it from dereferencing freed glock objects, only free the\nglock if the lockspace has actually been released."}],"providerMetadata":{"dateUpdated":"2026-04-11T12:45:40.664Z","orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux"},"references":[{"url":"https://git.kernel.org/stable/c/5fdc1474e678eea1700aa266c0b7c2c96f81dd0d"},{"url":"https://git.kernel.org/stable/c/4913592a3358f6ec366b8346b733d5e2360b08e1"},{"url":"https://git.kernel.org/stable/c/279bde3bbb0ac0bad5c729dfa85983d75a5d7641"},{"url":"https://git.kernel.org/stable/c/64c61b4ac645222fa7b724cef616c1f862a72a40"},{"url":"https://git.kernel.org/stable/c/28c4d9bc0708956c1a736a9e49fee71b65deee81"}],"title":"gfs2: Fix unlikely race in gdlm_put_lock","x_generator":{"engine":"bippy-1.2.0"}}},"cveMetadata":{"assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","assignerShortName":"Linux","cveId":"CVE-2025-40242","datePublished":"2025-12-04T15:31:31.497Z","dateReserved":"2025-04-16T07:20:57.181Z","dateUpdated":"2026-04-11T12:45:40.664Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2025-12-04 16:16:17","lastModifiedDate":"2026-04-11 13:16:35","problem_types":[],"metrics":[],"configurations":[]},"legacy_mitre":{"record":{"CveYear":"2025","CveId":"40242","Ordinal":"1","Title":"gfs2: Fix unlikely race in gdlm_put_lock","CVE":"CVE-2025-40242","Year":"2025"},"notes":[{"CveYear":"2025","CveId":"40242","Ordinal":"1","NoteData":"In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: Fix unlikely race in gdlm_put_lock\n\nIn gdlm_put_lock(), there is a small window of time in which the\nDFL_UNMOUNT flag has been set but the lockspace hasn't been released,\nyet.  In that window, dlm may still call gdlm_ast() and gdlm_bast().\nTo prevent it from dereferencing freed glock objects, only free the\nglock if the lockspace has actually been released.","Type":"Description","Title":"gfs2: Fix unlikely race in gdlm_put_lock"}]}}}