CVE-2026-53048

medium

Description

In the Linux kernel, the following vulnerability has been resolved: gfs2: prevent NULL pointer dereference during unmount When flushing out outstanding glock work during an unmount, gfs2_log_flush() can be called when sdp->sd_jdesc has already been deallocated and sdp->sd_jdesc is NULL. Commit 35264909e9d1 ("gfs2: Fix NULL pointer dereference in gfs2_log_flush") added a check for that to gfs2_log_flush() itself, but it missed the sdp->sd_jdesc dereference in gfs2_log_release(). Fix that.

References

https://git.kernel.org/stable/c/e15f16761594e80b15776980b27c35477655a135

https://git.kernel.org/stable/c/d8ffae016c4a78693fe1283335d0b6833a9c1366

https://git.kernel.org/stable/c/cec55674354794eddb80b914f73a6bf9b7fc304a

https://git.kernel.org/stable/c/abd73229f0e886a91a16ea781ab656bd9b4d1ee8

https://git.kernel.org/stable/c/74b4dbb946060a3233604d91859a9abd3708141d

https://git.kernel.org/stable/c/2fc4c868c9060f424fd4a7cacb0aec5082aba4de

https://git.kernel.org/stable/c/233a0945a4b1dbe3f38c30afb7d05b76c67f1193

Details

Source: Mitre, NVD

Published: 2026-06-24

Updated: 2026-06-24

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00172