CVE-2026-45955

HIGH EPSS 2.5%
Published May 27, 20261mo ago · Modified Jun 17, 20261w ago
7.1 CVSS 3.1
High
Find Similar
Published May 27, 2026 1mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: md/md-llbitmap: fix percpu_ref not resurrected on suspend timeout When llbitmap_suspend_timeout() times out waiting for percpu_ref to become zero, it returns -ETIMEDOUT without resurrecting the percpu_ref. The caller (md_llbitmap_daemon_fn) then continues to the next page without calling llbitmap_resume(), leaving the percpu_ref in a killed state permanently. Fix this by resurrecting the percpu_ref before returning the error, ensuring the page control structure remains usable for subsequent operations.

CVSS Details

Base Score
7.1
Exploitability
1.8
Impact
5.2
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
2.5% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 2

VendorProductVersionRange
linuxlinux_kernel*≥6.18  –  <6.18.14
linuxlinux_kernel*≥6.19  –  <6.19.4

References 3

  • git.kernel.org https://git.kernel.org/stable/c/095417d6b669c2dec39a5842ccb94df915f97f54
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2446d099350185caeed19ab2c0270451a97296fb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d119bd2e1643cc023210ff3c6f0657e4f914e71d
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/095417d6b669c2dec39a5842ccb94df915f97f54
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2446d099350185caeed19ab2c0270451a97296fb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d119bd2e1643cc023210ff3c6f0657e4f914e71d
    Patch