CVE-2025-23131

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability in the Linux kernel has been resolved. The issue is related to the dlm component, where writing a positive value to event done could lead to a NULL pointer dereference. This occurs because do uevent returns the value written to event done, and if it is positive, new lockspace would undo all the work, resulting in lockspace not being set. However, dlm new lockspace would treat the positive value as a success, causing device create lockspace to pass a NULL lockspace to dlm find lockspace local. To prevent this issue, positive values are now treated as successes.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

AZL-62788

AZL-69653

BDU:2026-02287

CVE-2025-23131

ECHO-1078-87D2-D335

OESA-2025-1625

OESA-2025-1629

OPENSUSE-SU-2025_01614-1

OPENSUSE-SU-2025_01707-1

SUSE-SU-2025:01600-1

SUSE-SU-2025:01614-1

SUSE-SU-2025:01707-1

SUSE-SU-2025:01919-1

SUSE-SU-2025:01951-1

SUSE-SU-2025:01964-1

SUSE-SU-2025:01967-1

SUSE-SU-2025:01972-1

SUSE-SU-2025:20343-1

SUSE-SU-2025:20344-1

SUSE-SU-2025:20354-1

SUSE-SU-2025:20355-1

SUSE-SU-2025_01600-1

SUSE-SU-2025_01614-1

SUSE-SU-2025_01707-1

SUSE-SU-2025_01951-1

SUSE-SU-2025_01964-1

SUSE-SU-2025_01967-1

SUSE-SU-2025_01972-1

USN-7594-1

USN-7594-2

USN-7594-3

Affected Products

Debian

Linux Kernel

Suse

Ubuntu

CVE-2025-23131

Weakness Enumeration

Related Identifiers

Affected Products

References · 1832