CVE-2025-40134

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.0-g7e52f5f0ca9b

Description The Linux kernel contains a flaw in the device mapper (dm) subsystem related to a race condition between device suspend and table load. This can lead to a NULL pointer dereference within the dm suspend() function. The issue arises when suspend is initiated before the table load process is complete. Specifically, the problem occurs during the initialization of the request queue (blk mq init allocated queue) where the q->mq ops pointer is set before the q->tag set is initialized, potentially leading to a NULL pointer access. The fix involves checking for a valid table (map) before performing request-based suspend and waiting for target I/O. If the map is NULL, table-dependent suspend steps are skipped to prevent the dereference. This is safe because I/O will fail early in the DM layer if no table is loaded. The vulnerable function is dm suspend().

Recommendations Update to a version later than 6.6.0-g7e52f5f0ca9b.