CVE-2025-40055
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
28/10/2025
Last modified:
30/10/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
ocfs2: fix double free in user_cluster_connect()<br />
<br />
user_cluster_disconnect() frees "conn->cc_private" which is "lc" but then<br />
the error handling frees "lc" a second time. Set "lc" to NULL on this<br />
path to avoid a double free.
Impact
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/283333079d96c84baa91f0c62b5e0cbec246b7a2
- https://git.kernel.org/stable/c/694d5b401036a614f8080085a9de6f86ff0742dc
- https://git.kernel.org/stable/c/7e76fe9dfadbc00364d7523d5a109e9d3e4a7db2
- https://git.kernel.org/stable/c/827c8efa0d1afe817b90f3618afff552e88348d2
- https://git.kernel.org/stable/c/892f41e12c8689130d552a9eb2b77bafd26484ab
- https://git.kernel.org/stable/c/8f45f089337d924db24397f55697cda0e6960516
- https://git.kernel.org/stable/c/bfe011297ddd2d0cd64752978baaa0c04cd20573
- https://git.kernel.org/stable/c/f992bc72f681c32a682d474a29c2135a64d4f4e5