dm: fix unlocked test for dm_suspended_md_CVE-2026-46327

7.8 / 10

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Description

In the Linux kernel, the following vulnerability has been resolved:

dm: fix unlocked test for dm_suspended_md

The function dm_blk_report_zones tests if the device is suspended with
the "dm_suspended_md" call. However, this function is called without
holding any locks, so the device may be suspended just after it.

Move the call to dm_suspended_md after dm_get_live_table, so that the
device can't be suspended after the suspended state was tested.

Basic Information

ID CVE-2026-46327

Source Linux

Published Jun 9, 2026 at 12:25

Modified Jun 14, 2026 at 04:30

Affected Product

Vendor Linux

Product Linux

Version f9c1bdf24615303d48a2d0fd629c88f3189563aa

Affected Versions Linux Linux f9c1bdf24615303d48a2d0fd629c88f3189563aa
Linux Linux 37f53a2c60d03743e0eacf7a0c01c279776fef4e
Linux Linux 37f53a2c60d03743e0eacf7a0c01c279776fef4e
Linux Linux 37f53a2c60d03743e0eacf7a0c01c279776fef4e
Linux Linux d19bc1b4dd5f322980b1f05f79b2ea4f0db10920
Linux Linux 6.12.34
Linux Linux 6.15.3
Linux Linux 6.16

References

{
    "lastseen": "",
    "description": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm: fix unlocked test for dm_suspended_md\n\nThe function dm_blk_report_zones tests if the device is suspended with\nthe \"dm_suspended_md\" call. However, this function is called without\nholding any locks, so the device may be suspended just after it.\n\nMove the call to dm_suspended_md after dm_get_live_table, so that the\ndevice can't be suspended after the suspended state was tested.",
    "published": "2026-06-09T12:25:54.781Z",
    "modified": "2026-06-14T04:30:25.673Z",
    "type": "cve",
    "title": "dm: fix unlocked test for dm_suspended_md",
    "source": "Linux",
    "references": "https://git.kernel.org/stable/c/175ac0a6115400278d3900f5a04a58b17b3f6cd0\nhttps://git.kernel.org/stable/c/7a3385e97af2b6f485fef11e82d8c29adee4be93\nhttps://git.kernel.org/stable/c/d809a36692ee1394cac85ce6ba7cf8ea58da5812\nhttps://git.kernel.org/stable/c/24c405fdbe215c45e57bba672cc42859038491ee",
    "id": "CVE-2026-46327",
    "bulletinFamily": "",
    "cwe": null,
    "cvelist": null,
    "sourceData": "Linux Linux f9c1bdf24615303d48a2d0fd629c88f3189563aa\nLinux Linux 37f53a2c60d03743e0eacf7a0c01c279776fef4e\nLinux Linux 37f53a2c60d03743e0eacf7a0c01c279776fef4e\nLinux Linux 37f53a2c60d03743e0eacf7a0c01c279776fef4e\nLinux Linux d19bc1b4dd5f322980b1f05f79b2ea4f0db10920\nLinux Linux 6.12.34\nLinux Linux 6.15.3\nLinux Linux 6.16",
    "sourceHref": "",
    "cvss": {
        "score": 7.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Linux",
    "version": "f9c1bdf24615303d48a2d0fd629c88f3189563aa",
    "vendor": "Linux",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Description

Basic Information

Affected Product

References

💭 Join the Security Discussion ❌ Cancel Reply