vulnerability
Ubuntu: (CVE-2022-49103): linux vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:S/C:N/I:N/A:C) | 2025-02-26 | 2025-03-19 | 2025-03-20 |
Description
In the Linux kernel, the following vulnerability has been resolved:
NFSv4.2: fix reference count leaks in _nfs42_proc_copy_notify()
[You don't often get email from [email protected]. Learn why this is important at http://aka.ms/LearnAboutSenderIdentification.]
The reference counting issue happens in two error paths in the
function _nfs42_proc_copy_notify(). In both error paths, the function
simply returns the error code and forgets to balance the refcount of
object `ctx`, bumped by get_nfs_open_context() earlier, which may
cause refcount leaks.
Fix it by balancing refcount of the `ctx` object before the function
returns in both error paths.
Solution(s)
References
- CVE-2022-49103
- https://attackerkb.com/topics/CVE-2022-49103
- URL-https://git.kernel.org/linus/b7f114edd54326f730a754547e7cfb197b5bc132
- URL-https://git.kernel.org/stable/c/9b9feec97c1fc7dd9bb69f62c4905cddf1801599
- URL-https://git.kernel.org/stable/c/b37f482ba9f0e6382c188e3fccf6c4b2fdc938eb
- URL-https://git.kernel.org/stable/c/b7f114edd54326f730a754547e7cfb197b5bc132
- URL-https://git.kernel.org/stable/c/f46f632f9cfae4b2e3635fa58840a8ec584c42e3
- URL-https://git.kernel.org/stable/c/fb73bf6305f4eb8f0cf9a61ee874d55f019d6dc4
- URL-https://www.cve.org/CVERecord?id=CVE-2022-49103
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.