CVE-2025-40055
ocfs2: fix double free in user_cluster_connect()
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS —EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
28 oct 2025Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
In the Linux kernel, the following vulnerability has been resolved:
ocfs2: fix double free in user_cluster_connect()
user_cluster_disconnect() frees "conn->cc_private" which is "lc" but then
the error handling frees "lc" a second time. Set "lc" to NULL on this
path to avoid a double free.
Productos afectados
Linux · LinuxReferencias
https://git.kernel.org/stable/c/283333079d96c84baa91f0c62b5e0cbec246b7a2https://git.kernel.org/stable/c/694d5b401036a614f8080085a9de6f86ff0742dchttps://git.kernel.org/stable/c/7e76fe9dfadbc00364d7523d5a109e9d3e4a7db2https://git.kernel.org/stable/c/827c8efa0d1afe817b90f3618afff552e88348d2https://git.kernel.org/stable/c/892f41e12c8689130d552a9eb2b77bafd26484abhttps://git.kernel.org/stable/c/8f45f089337d924db24397f55697cda0e6960516https://git.kernel.org/stable/c/bfe011297ddd2d0cd64752978baaa0c04cd20573https://git.kernel.org/stable/c/f992bc72f681c32a682d474a29c2135a64d4f4e5