Linux Kernel NFSv4 State Revocation Vulnerability Causes Denial-of-Service

A denial-of-service vulnerability has been identified in the Linux kernel's NFS server component (nfsd). When attempting to unlock the filesystem through an administrative interface while nfsd is not running, the server crashes. This issue arises because the state revocation function, nfsd4_revoke_states(), tries to access state structures that have already been freed during the server's shutdown process. The vulnerability affects several versions of the Linux kernel.

Impact

Exploitation of this vulnerability leads to a server crash, causing a denial-of-service condition.

Reproduction

To reproduce this vulnerability, attempt to unlock the filesystem via an administrative interface while the NFS server (nfsd) is not running. This will cause the server to crash, as the state revocation process tries to access freed state structures, leading to a failure in the NFS service.

Remediation

The vulnerability has been addressed in a patch that is included in the official Linux kernel stable releases. Users should upgrade to the latest stable version of the Linux kernel.