gfs2: Fix unlikely race in gdlm_put_lock — CVE-2025-40242

Summary

Advisory CVE-2025-40242. gfs2: Fix unlikely race in gdlm_put_lock Vendor: Microsoft. Source: MSRC. Threat: critical. CVSS 9.8. See the official advisory for details.

What to do

General, cautious steps (verify details in the official source):

• Prioritize patching or mitigation immediately (treat as actively risky).
• Identify affected product versions in your inventory and verify whether you are impacted.
• Apply vendor patches/updates or recommended mitigations as soon as available.
• Read the official advisory for exact affected versions and remediation steps.

Official advisory

Read the official source

Related advisories

• Azure Container Apps Remote Code Execution Vulnerability CVE-2025-65037
• Custom Question Answering Elevation of Privilege Vulnerability CVE-2025-64663
• devlink: rate: Unset parent pointer in devl_rate_nodes_destroy CVE-2025-40251
• hfsplus: fix KMSAN uninit-value issue in __hfsplus_ext_cache_extent() CVE-2025-40244
• Input: imx_sc_key - fix memory corruption on unload CVE-2025-40262
• libcoap Stack-Based Buffer Overflow in Address Resolution DoS or Potential RCE CVE-2025-34468
• Microsoft Partner Center Elevation of Privilege Vulnerability CVE-2025-65041
• Net-SNMP snmptrapd crash CVE-2025-68615
• netfilter: nft_ct: add seqadj extension for natted connections CVE-2025-68206
• 9p/trans_fd: p9_fd_request: kick rx thread if EPOLLIN CVE-2025-40305
• A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters. CVE-2025-65637
• accel/habanalabs: support mapping cb with vmalloc-backed coherent memory CVE-2025-40311