Linux Kernel NFSv4 Dentry Handling Vulnerability

Vulnerability

A vulnerability in the Linux kernel's NFS implementation can lead to a null pointer dereference when automounting NFSv4 referrals. This occurs because the path's dentry may become a negative dentry, causing the NFS server structure to be incorrectly derived. The issue has been fixed by properly sourcing the NFS server information from the dentry's superblock.
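
The two derivation paths described above, as an added userspace C model (not the kernel's code and not part of the original advisory). The structs are simplified stand-ins that keep the kernel field names d_inode, d_sb, i_sb and s_fs_info; the function names, the would_oops flag and the sample hostname are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>

/* Simplified userspace stand-ins for the kernel structures (assumption:
 * only the fields needed to show the two derivation paths are modeled). */
struct nfs_server  { const char *hostname; };
struct super_block { void *s_fs_info; };   /* NFS keeps its nfs_server here */
struct inode       { struct super_block *i_sb; };
struct dentry {
    struct inode       *d_inode;   /* NULL for a negative dentry */
    struct super_block *d_sb;      /* set for positive and negative dentries */
};

/* Pre-fix shape: reach the server through the dentry's inode. In the kernel
 * a NULL inode here is dereferenced; the model reports it instead of crashing. */
static struct nfs_server *server_via_inode(const struct dentry *d, int *would_oops)
{
    *would_oops = (d->d_inode == NULL);
    if (*would_oops)
        return NULL;
    return d->d_inode->i_sb->s_fs_info;
}

/* Post-fix shape: reach the server through the dentry's superblock. */
static struct nfs_server *server_via_sb(const struct dentry *d)
{
    return d->d_sb->s_fs_info;
}

/* Constructed sample objects: one superblock, one positive and one negative dentry. */
static struct nfs_server  demo_srv = { "nfs.example.test" };
static struct super_block demo_sb  = { &demo_srv };
static struct inode       demo_ino = { &demo_sb };
static struct dentry      positive = { &demo_ino, &demo_sb };
static struct dentry      negative = { NULL,      &demo_sb };

int main(void)
{
    int oops;
    struct nfs_server *s = server_via_inode(&positive, &oops);
    printf("via inode, positive dentry: server=%s would_oops=%d\n", s->hostname, oops);
    s = server_via_inode(&negative, &oops);
    printf("via inode, negative dentry: server=%p would_oops=%d\n", (void *)s, oops);
    printf("via sb,    negative dentry: server=%s\n", server_via_sb(&negative)->hostname);
    return 0;
}
```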

Impact

The vulnerability can cause a null pointer dereference, leading to a system crash.

Reproduction

To reproduce this vulnerability, mount an NFSv4 referral that results in a negative dentry. This will trigger the incorrect handling in the nfs_d_automount function, causing a null pointer dereference.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed.

Added: Sep 18, 2025, 3:54 PM
Updated: Sep 18, 2025, 3:54 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 4.3
remediation: 7.7
relevance: 0.5
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.