CVE-2022-49103
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-49103
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49103.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2022-49103
- Related
- Published
- 2025-02-26T07:00:47Z
- Modified
- 2025-03-13T22:49:37.601605Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
NFSv4.2: fix reference count leaks in nfs42proccopynotify()
[You don't often get email from xiongx18@fudan.edu.cn. Learn why this is important at http://aka.ms/LearnAboutSenderIdentification.]
The reference counting issue happens in two error paths in the function nfs42proccopynotify(). In both error paths, the function simply returns the error code and forgets to balance the refcount of object
ctx, bumped by getnfsopen_context() earlier, which may cause refcount leaks.Fix it by balancing refcount of the
ctxobject before the function returns in both error paths. - References
-
- https://git.kernel.org/stable/c/9b9feec97c1fc7dd9bb69f62c4905cddf1801599
- https://git.kernel.org/stable/c/b37f482ba9f0e6382c188e3fccf6c4b2fdc938eb
- https://git.kernel.org/stable/c/b7f114edd54326f730a754547e7cfb197b5bc132
- https://git.kernel.org/stable/c/f46f632f9cfae4b2e3635fa58840a8ec584c42e3
- https://git.kernel.org/stable/c/fb73bf6305f4eb8f0cf9a61ee874d55f019d6dc4
- https://security-tracker.debian.org/tracker/CVE-2022-49103
Affected packages
Debian:11 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.10.113-1
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source