CVE-2025-23131: 
Linux Kernel vulnerability analysis and mitigation

A vulnerability in the Linux kernel's Distributed Lock Manager (DLM) subsystem was discovered and assigned CVE-2025-23131. The issue was disclosed on April 16, 2025, affecting various Linux kernel versions. The vulnerability stems from improper handling of positive values written to event_done in the DLM component (RedHat XML, NVD).

The vulnerability occurs when a positive value is written to event_done in the do_uevent function. In such cases, new_lockspace would undo all work and leave the lockspace unset. Due to a previous fix (commit 8511a2728ab8), __dlm_new_lockspace incorrectly treats this positive value as a success. This leads to device_create_lockspace passing a NULL lockspace to dlm_find_lockspace_local, resulting in a NULL pointer dereference. The vulnerability has been assigned a CVSS v3.1 base score of 5.5 with the vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (RedHat XML).

The vulnerability can lead to a NULL pointer dereference in the Linux kernel's DLM subsystem, potentially causing system crashes or denial of service conditions. The impact is primarily focused on availability, with no direct effect on confidentiality or integrity (RedHat XML).

Red Hat has deferred fixes for Red Hat Enterprise Linux 9 and kernel-rt packages. Various Linux distributions including Debian are tracking this vulnerability, with some versions marked as vulnerable and awaiting patches (Debian Tracker, RedHat XML).