PT-2025-8031 · Linux+2 · Linux Kernel+2

Xin Xiong

Published

2022-02-25

Updated

2025-04-14

CVE-2022-49103

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A reference count leak issue was found in the Linux kernel's NFSv4.2 implementation, specifically in the nfs42 proc copy notify() function. The issue occurs in two error paths where the function returns an error code without properly balancing the reference count of the ctx object, which was previously bumped by get nfs open context(). This can cause reference count leaks.

Recommendations To resolve the issue, ensure that the reference count of the ctx object is properly balanced before the nfs42 proc copy notify() function returns in both error paths. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-911CWE-401CWE-664

Related Identifiers

BDU:2026-01254

CVE-2022-49103

SUSE-SU-2025:1027-1

SUSE-SU-2025:1176-1

SUSE-SU-2025:1183-1

SUSE-SU-2025:1241-1

SUSE-SU-2025_1027-1

SUSE-SU-2025_1241-1

Affected Products

Astra Linux

Linux Kernel

Suse

PT-2025-8031 · Linux+2 · Linux Kernel+2

CVE-2022-49103

Weakness Enumeration

Related Identifiers

Affected Products

References · 1336