CVE-2025-40242

Name: CVE-2025-40242
Creator: NVD / NIST
Published: 2025-12-04T16:16:17.39+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 0.17%

Last modified Jun 17, 2026

CVE-2025-40242 is a vulnerability of currently unknown severity. In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix unlikely race in gdlm_put_lock In gdlm_put_lock(), there is a small window of time in which the DFL_UNMOUNT flag has been set but the lockspace hasn't been released, yet. In that window, dlm may still call gdlm_ast() and gdlm_bast(). To prevent it from dereferencing freed glock objects, only free the glock if the lockspace has actually been released.. EPSS estimates a 0.17% chance of exploitation in the next 30 days.

Description

In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix unlikely race in gdlm_put_lock In gdlm_put_lock(), there is a small window of time in which the DFL_UNMOUNT flag has been set but the lockspace hasn't been released, yet. In that window, dlm may still call gdlm_ast() and gdlm_bast(). To prevent it from dereferencing freed glock objects, only free the glock if the lockspace has actually been released.

Metrics

EPSS Probability

0.17%

6.4th percentile

Probability of exploitation in the next 30 days. Learn more

References

Timeline

Published: Dec 4, 2025
Last Modified: Jun 17, 2026
Status: Deferred

Frequently Asked Questions

What is CVE-2025-40242?

How severe is CVE-2025-40242?

Severity scoring for CVE-2025-40242 is pending analysis. The EPSS model estimates a 0.17% probability of exploitation in the next 30 days.

How do I fix CVE-2025-40242?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2025-40242?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST