Linux Kernel NFSv4 Openowner Memory Leak Vulnerability

Vulnerability

A memory leak vulnerability has been identified in the Linux kernel's NFS server implementation, specifically within the NFSv4 protocol handling. This issue arises when two threads concurrently initiate file open requests, leading to the creation of multiple RPC tasks that can cause a significant memory leak. The problem is exacerbated by the 'force unmount' operation, which can disrupt normal file handling and leave open file references that contribute to the leak.

Impact

Exploitation of this vulnerability leads to a memory leak on the NFS server: objects remain allocated and can cause warnings about leftover objects during server shutdown.
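One way to watch for the leak described above before shutdown warnings appear, as an added example that is not part of the original advisory or the kernel's own code: it tracks the active object count of the openowner slab across successive /proc/slabinfo snapshots and flags growth that never drains. It assumes the leaked objects are accounted in the nfsd4_openowners cache (the name the kernel NFS server gives its openowner slab); the snapshot rows, thresholds and function names are constructed for illustration.

```python
# Added example: detect an openowner slab that only ever grows.
# Assumption: leaked objects live in the "nfsd4_openowners" slab cache.
CACHE = "nfsd4_openowners"

def _row(name, active):
    # Constructed /proc/slabinfo row: name active_objs num_objs objsize ...
    return f"{name} {active} {active + 24} 440 18 2 : tunables 0 0 0 : slabdata 8 8 0\n"

def _snapshot(openowners):
    # Constructed snapshot: real header lines plus two constructed cache rows.
    header = ("slabinfo - version: 2.1\n"
              "# name <active_objs> <num_objs> <objsize> <objperslab> <pagesperslab>\n")
    return header + _row(CACHE, openowners) + _row("nfsd4_files", 90)

# Constructed samples, imagined as taken a few minutes apart.
LEAKING = [_snapshot(n) for n in (120, 150, 185, 240)]
HEALTHY = [_snapshot(n) for n in (120, 160, 110, 130)]

def active_objs(slabinfo_text, cache=CACHE):
    """Return active_objs for `cache`, or None if the cache is not listed."""
    for line in slabinfo_text.splitlines():
        fields = line.split()
        if len(fields) >= 3 and fields[0] == cache:
            return int(fields[1])
    return None

def leak_suspected(samples, cache=CACHE, min_samples=4, min_growth=50):
    """True when the count never decreases across samples and grows by
    at least `min_growth` objects (thresholds are illustrative)."""
    counts = [c for c in (active_objs(s, cache) for s in samples) if c is not None]
    if len(counts) < min_samples:
        return False  # not enough data to distinguish a leak from a burst
    never_drains = all(b >= a for a, b in zip(counts, counts[1:]))
    return never_drains and counts[-1] - counts[0] >= min_growth

if __name__ == "__main__":
    print("leaking server:", leak_suspected(LEAKING))
    print("healthy server:", leak_suspected(HEALTHY))
```

On a live server the snapshots would come from reading /proc/slabinfo as root at intervals. If the allocator has merged the cache into another one it will not be listed under its own name, and the check reports nothing.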

Reproduction

The vulnerability can be reproduced by mounting an NFS share and then using the 'force unmount' command while simultaneously opening a file over NFS. This will trigger two RPC tasks to be sent to the NFS server, where the first task can be interrupted by the unmount operation, causing the second task to leak memory by not properly releasing the associated resources.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 3.9
remediation: 0.0
relevance: 0.0
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.