7.8
CVE-2026-53265
- EPSS 0.13%
- Veröffentlicht 25.06.2026 08:39:52
- Zuletzt bearbeitet 08.07.2026 04:02:08
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
dm cache policy smq: check allocation under invalidate lock
In the Linux kernel, the following vulnerability has been resolved:
dm cache policy smq: check allocation under invalidate lock
commit 2d1f7b65f5de ("dm cache policy smq: fix missing locks in
invalidating cache blocks") added mq->lock around the destructive part of
smq_invalidate_mapping(), but left the e->allocated check outside the
critical section.
That leaves a check-then-act race. Two concurrent invalidators can both
observe e->allocated as true before either of them takes mq->lock. The
first invalidator that acquires the lock removes the entry from the
queues and hash table and then calls free_entry(), which clears
e->allocated and puts the entry back on the free list. The second
invalidator can then acquire mq->lock and continue with the stale result
of the unlocked check.
This can corrupt the SMQ queues or hash table by deleting an entry that
is no longer on those structures. It can also hit the allocation check in
free_entry() when the same entry is freed again.
Move the allocation check under mq->lock so the predicate and the
destructive operations are serialized by the same lock.Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 6.6.141 < 6.6.143
Linux ≫ Linux Kernel Version >= 6.12.91 < 6.12.94
Linux ≫ Linux Kernel Version >= 6.18.33 < 6.18.36
Linux ≫ Linux Kernel Version >= 7.0.10 < 7.0.13
Linux ≫ Linux Kernel Version5.10.258
Linux ≫ Linux Kernel Version5.15.209
Linux ≫ Linux Kernel Version6.1.175
Linux ≫ Linux Kernel Version7.1 Updaterc1
Linux ≫ Linux Kernel Version7.1 Updaterc2
Linux ≫ Linux Kernel Version7.1 Updaterc3
Linux ≫ Linux Kernel Version7.1 Updaterc4
Linux ≫ Linux Kernel Version7.1 Updaterc5
Linux ≫ Linux Kernel Version7.1 Updaterc6
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.13% | 0.029 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
https://git.kernel.org/stable/c/c242c7af2aecf0b538b8623bdb86b8b441da38d9
https://git.kernel.org/stable/c/13da856c86fb8c2ccab95034fd77da1bb2c2a17c
https://git.kernel.org/stable/c/d886945fcb0f8c9dc6b39928d7a96c95c587346c
https://git.kernel.org/stable/c/b4892561552d671bd8c4da5ebb70e9fbb1ec446e
https://git.kernel.org/stable/c/03ffe1112ed88bb3a9bd0b971549bf4d64bfc59a
https://git.kernel.org/stable/c/42ff6774ecd9d7f70d599cb71ff64373a1da4948
https://git.kernel.org/stable/c/c57570fba24016ec25ec046ab44db39143fb7a64
https://git.kernel.org/stable/c/d3f0a606b9f278ece8a0df626ded9c4044071235