Volerion logoVolerion
Volerion logoVolerion

Linux Kernel NFS Data Corruption Vulnerability Fix

Vulnerability

A potential data corruption issue in the NFS (Network File System) implementation of the Linux kernel has been addressed. The vulnerability arose because subrequests needed to be rejoined with the main request before retransmission. If the main request was not on the commit lists due to synchronous writing by the server, it had to be manually added back to the retransmission list. The fix involved adding a function that replicates the effect of 'nfs_cancel_remove_inode()' for O_DIRECT operations, ensuring proper handling of page groups during retransmissions.

Impact

The vulnerability could lead to data corruption by improperly managing the retransmission of NFS requests, particularly with O_DIRECT operations.

Remediation

Users can upgrade to the latest version of the Linux kernel to address this vulnerability. The specific commit containing the fix can be downloaded as a tarball.

Added: Oct 22, 2025, 2:50 PM
Updated: Oct 22, 2025, 2:50 PM

Vulnerability Rating

Custom Algorithm
spread
9.0
impact
2.5
exploitability
5.3
remediation
7.7
relevance
0.8
threat
3.2
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.