Linux Kernel Use-After-Free Vulnerability in DLM Message Processing

Vulnerability

A use-after-free vulnerability has been identified in the Linux kernel's Distributed Lock Manager (DLM) component, specifically within the message handling functions. The issue is a race condition: it arises when an acknowledgment for a DLM message is received before the message has been fully processed. The vulnerability was detected in version 6.1.0-rc4 of the Linux kernel.

Impact

Exploitation of this vulnerability can lead to memory corruption, potentially allowing arbitrary code execution or causing the system to become unresponsive.

Reproduction

The vulnerability can be reproduced by using the DLM lock torture test, which simulates a high-load environment that processes DLM messages in a way that can trigger the use-after-free condition. The test sends DLM messages while acknowledgments are being received at the same time, creating the race condition that triggers the use-after-free.
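
The race described under Vulnerability and Reproduction, reduced to a deterministic model as an added example (not kernel code and not part of this advisory). The struct and all function names are hypothetical, the early acknowledgment is simulated by a flag instead of a second thread, and the pinned variant shows a common mitigation for this bug class, which is an assumption because the advisory does not describe the kernel's patch.

```c
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical stand-in for a queued message; not the kernel's DLM structures. */
struct msg {
    int refs;    /* references held on the message */
    bool freed;  /* set instead of calling free(), so the stale access is observable */
};

static void msg_get(struct msg *m) { m->refs++; }

static void msg_put(struct msg *m)
{
    if (--m->refs == 0)
        m->freed = true;  /* real code would release the memory here */
}

/* Ack path: the peer confirmed the message, so the send queue drops its reference. */
static void receive_ack(struct msg *m) { msg_put(m); }

/* Sender finishes processing without a reference of its own.
 * Returns true if it touched the message after release. */
static bool commit_unpinned(struct msg *m, bool ack_arrives_early)
{
    if (ack_arrives_early)
        receive_ack(m);   /* ack handled before the sender is done */
    return m->freed;      /* sender's remaining access to the message */
}

/* Same steps, but the sender pins the message for the duration (assumed mitigation). */
static bool commit_pinned(struct msg *m, bool ack_arrives_early)
{
    bool stale;
    msg_get(m);
    if (ack_arrives_early)
        receive_ack(m);
    stale = m->freed;     /* still valid: the sender's reference keeps it alive */
    msg_put(m);           /* last reference dropped only after the final access */
    return stale;
}

int main(void)
{
    struct msg a = { .refs = 1, .freed = false };
    struct msg b = { .refs = 1, .freed = false };
    printf("unpinned, early ack: stale access = %d\n", commit_unpinned(&a, true));
    printf("pinned, early ack:   stale access = %d\n", commit_pinned(&b, true));
    return 0;
}
```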

Remediation

Users can upgrade to the latest stable version of the Linux kernel to address this vulnerability.

Added: Oct 7, 2025, 5:50 PM
Updated: Oct 7, 2025, 5:50 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 2.5
exploitability: 3.9
remediation: 0.0
relevance: 0.7
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.