CVE-2025-40055
Published: October 29, 2025Last modified: October 29, 2025
Description
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix double free in user_cluster_connect() user_cluster_disconnect() frees "conn->cc_private" which is "lc" but then the error handling frees "lc" a second time. Set "lc" to NULL on this path to avoid a double free.
Status
| Product | Release | Package | Status |
|---|---|---|---|
| Alpaquita Linux | 23 LTS | linux-lts | Fixed (6.1.156-r0) |
| 25 LTS | linux-lts | Fixed (6.12.53-r0) | |
| Stream | linux-lts | Fixed (6.12.53-r0) |
References
- https://git.kernel.org/stable/c/283333079d96c84baa91f0c62b5e0cbec246b7a2
- https://git.kernel.org/stable/c/694d5b401036a614f8080085a9de6f86ff0742dc
- https://git.kernel.org/stable/c/7e76fe9dfadbc00364d7523d5a109e9d3e4a7db2
- https://git.kernel.org/stable/c/827c8efa0d1afe817b90f3618afff552e88348d2
- https://git.kernel.org/stable/c/892f41e12c8689130d552a9eb2b77bafd26484ab
- https://git.kernel.org/stable/c/8f45f089337d924db24397f55697cda0e6960516
- https://git.kernel.org/stable/c/bfe011297ddd2d0cd64752978baaa0c04cd20573
- https://git.kernel.org/stable/c/f992bc72f681c32a682d474a29c2135a64d4f4e5