vulnerability

Red Hat: CVE-2025-38724: kernel: nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() (Multiple Advisories)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:L/AC:M/Au:S/C:C/I:C/A:C)	Sep 4, 2025	Dec 2, 2025	Jan 15, 2026

Severity

CVSS

(AV:L/AC:M/Au:S/C:C/I:C/A:C)

Published

Sep 4, 2025

Added

Dec 2, 2025

Modified

Jan 15, 2026

Description

A vulnerability has been identified in the Linux kernel's Network File System (NFS) daemon that could allow for a Denial of Service and in worst case scenario Arbitrary Code Execution. This Use-After-Free flaw arises from a race condition when the kernel handles the confirmation of an NFS client identifier. If an NFS client is expiring while this confirmation is in progress, the system can attempt to use memory that is no longer allocated.

Solutions

redhat-upgrade-kernelredhat-upgrade-kernel-rt

References

CWE-416
NVD-CVE-2025-38724
REDHAT-RHSA-2025:22387
REDHAT-RHSA-2025:22388
REDHAT-RHSA-2025:22392
REDHAT-RHSA-2025:22395
REDHAT-RHSA-2025:22405
REDHAT-RHSA-2025:22571
REDHAT-RHSA-2026:0489

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today