CVE-2026-45955 HIGH

CVE-2026-45955: md/md-llbitmap: fix percpu_ref not resurrected on suspend timeout

Vendor Linux
Product Linux
Published May 27, 2026
Last update June 5, 2026

CVSS base score

7.1/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality None
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

What the vulnerability does

01Description

In the Linux kernel, the following vulnerability has been resolved: md/md-llbitmap: fix percpu_ref not resurrected on suspend timeout When llbitmap_suspend_timeout() times out waiting for percpu_ref to become zero, it returns -ETIMEDOUT without resurrecting the percpu_ref. The caller (md_llbitmap_daemon_fn) then continues to the next page without calling llbitmap_resume(), leaving the percpu_ref in a killed state permanently. Fix this by resurrecting the percpu_ref before returning the error, ensuring the page control structure remains usable for subsequent operations.

Key dates

02Disclosure timeline

May 27, 2026 CVE published
June 5, 2026 Record updated