CVE-2026-46327
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
dm: fix unlocked test for dm_suspended_md
The function dm_blk_report_zones tests if the device is suspended with the "dm_suspended_md" call. However, this function is called without holding any locks, so the device may be suspended just after it.
Move the call to dm_suspended_md after dm_get_live_table, so that the device can't be suspended after the suspended state was tested.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | f9c1bdf24615303d48a2d0fd629c88f3189563aa < 175ac0a6115400278d3900f5a04a58b17b3f6cd0 | affected |
| Linux | Linux | 37f53a2c60d03743e0eacf7a0c01c279776fef4e < 7a3385e97af2b6f485fef11e82d8c29adee4be93 | affected |
| Linux | Linux | 37f53a2c60d03743e0eacf7a0c01c279776fef4e < d809a36692ee1394cac85ce6ba7cf8ea58da5812 | affected |
| Linux | Linux | 37f53a2c60d03743e0eacf7a0c01c279776fef4e < 24c405fdbe215c45e57bba672cc42859038491ee | affected |
| Linux | Linux | d19bc1b4dd5f322980b1f05f79b2ea4f0db10920 | affected |
| Linux | Linux | 6.12.34 < 6.12.75 | affected |
| Linux | Linux | 6.15.3 < 6.16 | affected |
| Linux | Linux | 6.16 | affected |
| Linux | Linux | 0 < 6.16 | unaffected |
| Linux | Linux | 6.12.75 <= 6.12.* | unaffected |
| Linux | Linux | 6.18.14 <= 6.18.* | unaffected |
| Linux | Linux | 6.19.4 <= 6.19.* | unaffected |
| Linux | Linux | 7.0 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/175ac0a6115400278d3900f5a04a58b17b3f6cd0
- https://git.kernel.org/stable/c/7a3385e97af2b6f485fef11e82d8c29adee4be93
- https://git.kernel.org/stable/c/d809a36692ee1394cac85ce6ba7cf8ea58da5812
- https://git.kernel.org/stable/c/24c405fdbe215c45e57bba672cc42859038491ee
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.