Jan Schunk

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to a slow server-side memory leak in the SUNRPC component of the Linux kernel when using RPC-over-TCP. This leak occurs because the `sock sendmsg()` function does not release all pages in the underlying `bio vec` array as assumed, specifically the record marker page fragment which is never released by `svc xprt release()`. This can lead to memory exhaustion, particularly affecting small NFS servers after just a few days. A narrow fix is available for stable kernels, with a more extensive fix in development. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.