CVE-2026-53048
Published Jun 24, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: gfs2: prevent NULL pointer dereference during unmount When flushing out outstanding glock work during an unmount, gfs2_log_flush() can be called when sdp->sd_jdesc has already been deallocated and sdp->sd_jdesc is NULL. Commit 35264909e9d1 ("gfs2: Fix NULL pointer dereference in gfs2_log_flush") added a check for that to gfs2_log_flush() itself, but it missed the sdp->sd_jdesc dereference in gfs2_log_release(). Fix that.
EPSS — Exploit Prediction
0.0017
Probability of exploitation
0.07%
Percentile rank
EPSS estimates the probability that this vulnerability will be exploited in the wild within the next 30 days. A higher score means more likely to be exploited.
References
Other References
https://git.kernel.org/stable/c/233a0945a4b1dbe3f38c30afb7d05b76c67f1193
https://git.kernel.org/stable/c/2fc4c868c9060f424fd4a7cacb0aec5082aba4de
https://git.kernel.org/stable/c/74b4dbb946060a3233604d91859a9abd3708141d
https://git.kernel.org/stable/c/abd73229f0e886a91a16ea781ab656bd9b4d1ee8
https://git.kernel.org/stable/c/cec55674354794eddb80b914f73a6bf9b7fc304a
https://git.kernel.org/stable/c/d8ffae016c4a78693fe1283335d0b6833a9c1366
https://git.kernel.org/stable/c/e15f16761594e80b15776980b27c35477655a135
Frequently Asked Questions
What is CVE-2026-53048? +
In the Linux kernel, the following vulnerability has been resolved:
gfs2: prevent NULL pointer dereference during unmount
When flushing out outstanding glock work during an unmount, gfs2_log_flush()
can be called when sdp->sd_jdesc has already been deallocated and sdp->sd_jdesc
is NULL. Commit 35264909e9d1 ("gfs2: Fix NULL pointer dereference in
gfs2_log_flush") added a check for that to gfs2_log_flush() itself, but it
missed the sdp->sd_jdesc dereference in gfs2_log_release(). Fix that.
How do I check if I'm vulnerable to CVE-2026-53048? +
You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.