Impact
ocfs2/dlm component. The qr_numregions field from a DLM_QUERY_REGION without validation, allowing an attacker to set it up to 255, exceeding the 32‑entry buffer and causing out-of-bounds reads. An off‑by‑one error also reads one element past the valid range. These unchecked reads constitute an out‑of‑bounds read weakness that can leak kernel memory or result in a crash. The weakness is characterized by CWE‑1285.
Affected Systems
All Linux kernel installations that ship the ocfs2 filesystem with the Distributed Lock Manager module are affected, regardless of distribution, provided the patch series is not applied. The CVE description does not specify kernel release, so any kernel version containing the vulnerable ocfs2/dlm code before the patch is at risk.
Risk and Exploitability
The CVSS score is 9.1, indicating high severity, and the EPSS score is reported as <1 %, indicating a very low probability of exploitation, and the vulnerability is not listed in the CISA KEV catalog. The likely attack vector is a malicious DLM_QUERY_REGION packet sent over the network to the target's DLM service; the DLM. Successful exploitation could read arbitrary kernel memory, leak data, or crash the kernel, causing denial of service. The absence of a high EPSS score and KEV listing suggests limited interest from current threat actors.
OpenCVE Enrichment
Debian DLA