Primary

Context

Linux Kernel dm mpath Missing Reference Cleanup Vulnerability

Vulnerability

Patched

A vulnerability in the Linux kernel's device-mapper multipath (dm mpath) module has been addressed. The issue arose when the SCSI device handler name parsing failed due to memory allocation errors. The code did not properly release the reference to the path device, leading to a potential resource leak. This vulnerability affects the stable versions of the Linux kernel.

Impact

The vulnerability could lead to a memory leak by not releasing references to path devices, potentially causing resource exhaustion over time.

Added: May 6, 2026, 2:55 PM

Updated: May 6, 2026, 2:55 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

5.3

remediation

7.7

relevance

7.6

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

5.3

remediation

7.7

relevance

7.6

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel dm mpath Missing Reference Cleanup Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating