Linux Kernel NFS Refcount Leak Vulnerability in COPY Codepath

Vulnerability

A potential reference count leak vulnerability has been identified in the Linux kernel's NFS server component, specifically within the COPY operation handling. This issue arises from improper management of reference counts for NFS file structures, which can lead to memory leaks. The vulnerability is present in the NFS server's asynchronous copy process, where reference counts for source and destination files may not be correctly released if an error occurs during thread creation. This flaw affects the NFS server in the Linux kernel stable tree.
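The error path described above, modeled in userspace C as an added example (not the kernel's code and not from the original advisory). All names (`file_ref`, `async_copy`, `start_worker`, `copy_leaky`, `copy_fixed`) are hypothetical stand-ins, and the worker is run inline rather than on a real thread.

```c
#include <stdbool.h>
#include <stdio.h>
/* Hypothetical stand-in for a refcounted NFS file structure. */
struct file_ref { int refcount; };
static void file_get(struct file_ref *f) { f->refcount++; }
static void file_put(struct file_ref *f) { f->refcount--; }
struct async_copy { struct file_ref *src, *dst; };  /* hypothetical copy state */
typedef int (*copy_fn)(struct file_ref *, struct file_ref *, bool);
/* Stand-ins: thread creation (fails on request) and worker completion (inline). */
static int start_worker(struct async_copy *c, bool fail) { (void)c; return fail ? -1 : 0; }
static void worker_done(struct async_copy *c) { file_put(c->src); file_put(c->dst); }

/* Leaky variant: the thread-creation error path returns early. */
static int copy_leaky(struct file_ref *src, struct file_ref *dst, bool fail)
{
    struct async_copy c = { src, dst };
    file_get(src); file_get(dst);
    if (start_worker(&c, fail) < 0)
        return -1;              /* BUG: src and dst references are never put */
    worker_done(&c);
    return 0;
}

/* Fixed variant: the error path drops the references it took. */
static int copy_fixed(struct file_ref *src, struct file_ref *dst, bool fail)
{
    struct async_copy c = { src, dst };
    file_get(src); file_get(dst);
    if (start_worker(&c, fail) < 0) {
        file_put(dst); file_put(src);   /* no worker exists to release them */
        return -1;
    }
    worker_done(&c);
    return 0;
}

/* Runs n COPY attempts and returns how many references were left behind. */
static int leaked_after(copy_fn copy, int n, bool fail)
{
    struct file_ref src = { 1 }, dst = { 1 };   /* constructed baseline counts */
    for (int i = 0; i < n; i++) copy(&src, &dst, fail);
    return (src.refcount - 1) + (dst.refcount - 1);
}

int main(void)
{
    printf("leaky: %d, fixed: %d\n", leaked_after(copy_leaky, 100, true), leaked_after(copy_fixed, 100, true));
    return 0;
}
```

In this model each failed attempt through the leaky variant strands two references (one per file), which is why the effect only shows up as gradual growth rather than an immediate fault.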

Impact

Exploitation of this vulnerability can lead to memory leaks: references to NFS file structures that are never released keep those structures allocated, potentially causing increased memory usage and degradation of system performance over time.

Reproduction

The vulnerability can be reproduced by initiating an asynchronous COPY operation in the NFS server while monitoring the reference counts of the NFS file structures involved. If the operation is interrupted or fails after the references have been incremented but before they are properly cleaned up, a reference count leak will occur.

Remediation

Users can upgrade to the latest version of the Linux kernel stable tree, where this vulnerability has been addressed.

Added: Oct 4, 2025, 4:34 PM
Updated: Oct 4, 2025, 4:34 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 0.6
exploitability: 4.3
remediation: 7.7
relevance: 0.6
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.