Primary

Context

Linux Kernel FlexFiles Layout Type LAYOUTCOMMIT Operation Handling Vulnerability

Vulnerability

Patched

A vulnerability in the Linux kernel's handling of the FlexFiles layout type can lead to a crash. This issue arises in the Network File System (NFS) server (NFSD) when a pNFS client sends a LAYOUTCOMMIT operation on a FlexFiles layout, which the server is not properly equipped to handle. The vulnerability is present in the Linux kernel stable tree.

Impact

The vulnerability can cause a denial of service by crashing the NFS server process handling the FlexFiles layout.

Reproduction

The vulnerability can be reproduced by configuring a pNFS client to send a LAYOUTCOMMIT operation to an NFS server that is using the FlexFiles layout type. This will trigger the server to crash, demonstrating the vulnerability.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed. Instructions for downloading the patched version are available on the Linux Kernel Archive.

Added: Oct 30, 2025, 10:44 AM

Updated: Oct 30, 2025, 3:51 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.7

remediation

7.7

relevance

0.8

threat

4.8

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.7

remediation

7.7

relevance

0.8

threat

4.8

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel FlexFiles Layout Type LAYOUTCOMMIT Operation Handling Vulnerability

Vulnerability

Impact

Reproduction

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating