CVE-2022-49316
NFSv4: Don't hold the layoutget locks across multiple RPC calls
In the Linux kernel, the following vulnerability has been resolved:
NFSv4: Don't hold the layoutget locks across multiple RPC calls
When doing layoutget as part of the open() compound, we have to be
careful to release the layout locks before we can call any further RPC
calls, such as setattr(). The reason is that those calls could trigger
a recall, which could deadlock.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Produtos afetados
Linux · LinuxQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://git.kernel.org/stable/c/08d7a26d115cc7892668baa9750f64bd8baca29bhttps://git.kernel.org/stable/c/0ee5b9644f06b4d3cdcd9544f43f63312e425a4chttps://git.kernel.org/stable/c/6949493884fe88500de4af182588e071cf1544eehttps://git.kernel.org/stable/c/6b3fc1496e7227cd6a39a80bbfb7588ef7c7a010https://git.kernel.org/stable/c/a2b3be930e79cc5d9d829f158e31172b2043f0cdhttps://git.kernel.org/stable/c/d4c2a041ed3ba114502d5ed6ace5b1a48d637a8ehttps://git.kernel.org/stable/c/ea759ae0a9ae5acee677d722129710ac89cc59c1