Linux Kernel NFSD OPDESC Out-of-Bounds Vulnerability

Vulnerability

A vulnerability in the Linux kernel's NFS server (NFSD) component allows for out-of-bounds access when decoding compound operations. The issue arises because the OPDESC() function is called with an operation number that can exceed the valid range, leading to potential memory access violations. This vulnerability affects several versions of the Linux kernel.

Impact

Exploitation of this vulnerability could lead to out-of-bounds memory access, potentially causing a denial-of-service condition or allowing for arbitrary memory manipulation.

Reproduction

The vulnerability can be reproduced by sending a compound NFSv4 request that includes an operation number set to OP_ILLEGAL, which is 10044. This operation number is beyond the valid range of the nfsd4_ops[] array, causing the OPDESC() function to access memory out of bounds.
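The lookup pattern described above, next to a range-checked form, as an added example. This is a simplified user-space model, not kernel code and not the upstream fix. OP_ILLEGAL (10044), OPDESC() and nfsd4_ops[] come from the page; the table size, struct layouts and function names are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define OP_ILLEGAL 10044u   /* value given on the page */
#define MODEL_NUM_OPS 4u    /* assumption: table size for this model only */

struct op_desc { const char *name; };
struct model_op { uint32_t opnum; const struct op_desc *desc; };

/* Stand-in for nfsd4_ops[]; entry names are constructed. */
static const struct op_desc model_ops[MODEL_NUM_OPS] = {
    { "MODEL_OP_0" }, { "MODEL_OP_1" }, { "MODEL_OP_2" }, { "MODEL_OP_3" },
};

/* Unchecked pattern: indexes by opnum and trusts the caller to have validated it. */
const struct op_desc *opdesc_unchecked(uint32_t opnum)
{
    return &model_ops[opnum];
}

/* Hardened pattern: range-check first, NULL for anything outside the table. */
const struct op_desc *opdesc_checked(uint32_t opnum)
{
    return opnum < MODEL_NUM_OPS ? &model_ops[opnum] : NULL;
}

/* Decode loop: resolve each op; out-of-range ops are marked OP_ILLEGAL with
 * no descriptor, so later code must test desc before dereferencing it. */
size_t decode_compound(struct model_op *ops, size_t n)
{
    size_t resolved = 0;
    for (size_t i = 0; i < n; i++) {
        ops[i].desc = opdesc_checked(ops[i].opnum);
        if (ops[i].desc)
            resolved++;
        else
            ops[i].opnum = OP_ILLEGAL;
    }
    return resolved;
}

int main(void)
{
    /* Constructed compound: two valid ops, OP_ILLEGAL, and an unknown op. */
    struct model_op ops[] = { {1, NULL}, {OP_ILLEGAL, NULL}, {3, NULL}, {77, NULL} };
    size_t n = sizeof(ops) / sizeof(ops[0]);
    printf("resolved %zu of %zu ops\n", decode_compound(ops, n), n);
    for (size_t i = 0; i < n; i++)
        printf("op %u -> %s\n", (unsigned)ops[i].opnum, ops[i].desc ? ops[i].desc->name : "(no descriptor)");
    return 0;
}
```

The point for code review is that every consumer of the descriptor pointer has to handle the NULL case; a range check at decode time only helps if later stages do not re-derive the descriptor from the raw operation number.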

Remediation

Users can upgrade to the latest stable version of the Linux kernel to address this vulnerability.

Added: Oct 7, 2025, 4:44 PM
Updated: Oct 7, 2025, 4:44 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 4.3
remediation: 7.7
relevance: 0.7
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.