CVE-2026-22989

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel’s Network File System daemon (nfsd) is susceptible to a server crash when attempting to unlock the filesystem through an administrative interface while nfsd is not running. This occurs because the nfsd4 revoke states() function accesses state structures, such as conf id hashtbl, that have already been freed during server shutdown. The call trace indicates the issue originates within the nfsd4 revoke states() function and propagates through write unlock fs, nfsctl transaction write, and ultimately ksys write. The recommended solution involves acquiring the nfsd mutex, verifying the server's operational status, and maintaining the mutex lock throughout the call to nfsd4 revoke states().

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.