PT-2025-35997 · Linux+9 · Linux Kernel+9
Lei Lu
·
Published
2025-06-04
·
Updated
2026-04-20
·
CVE-2025-38724
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
The
nfsd4 setclientid confirm() function did not check the return value from get client locked(). A SETCLIENTID CONFIRM operation could race with a confirmed client expiring, failing to obtain a reference, and potentially leading to a use-after-free (UAF) condition. The issue was addressed by obtaining a reference early in the case of an existing confirmed client and handling failures appropriately.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
DoS
Unchecked Return Value
Use After Free
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Almalinux
Centos
Debian
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu