CVE-2025-38567

{"id": "CVE-2025-38567", "cveTags": [], "metrics": {}, "published": "2025-08-19T17:15:33.380", "references": [{"url": "https://git.kernel.org/stable/c/c4bf8f26c51e51bbb840935659a7b3b65a802c07", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/e5a73150776f18547ee685c9f6bfafe549714899", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/fcb0a417fddb605530c4837e0996620f8ed38023", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Received", "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: avoid ref leak in nfsd_open_local_fh()\n\nIf two calls to nfsd_open_local_fh() race and both successfully call\nnfsd_file_acquire_local(), they will both get an extra reference to the\nnet to accompany the file reference stored in *pnf.\n\nOne of them will fail to store (using xchg()) the file reference in\n*pnf and will drop that reference but WON'T drop the accompanying\nreference to the net. This leak means that when the nfs server is shut\ndown it will hang in nfsd_shutdown_net() waiting for\n&nn->nfsd_net_free_done.\n\nThis patch adds the missing nfsd_net_put()."}], "lastModified": "2025-08-19T17:15:33.380", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}