Linux Kernel NFSD Handling of New FATTR4 Attributes Vulnerability

Vulnerability

A vulnerability exists in the Linux kernel's Network File System daemon (NFSD) related to the handling of new FATTR4 attributes, specifically 'time_deleg_access' and 'time_deleg_modify'. These attributes are intended for use with CB_GETATTR and SETATTR, but not with GETATTR requests. According to NFSv4 specifications, if a server receives a GETATTR request for attributes it does not support, it must return an error. However, NFSD's current implementation could lead to a crash instead of properly handling the request. This vulnerability affects the Linux kernel stable tree.

Impact

Improper handling of GETATTR requests for certain FATTR4 attributes could lead to a server crash.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed.

Added: Dec 8, 2025, 1:17 AM
Updated: Dec 8, 2025, 1:17 AM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 3.5
remediation: 7.7
relevance: 1.4
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.