CVE-2024-53173

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-53173
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-53173.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-53173
Downstream
Related
Published
2024-12-27T14:15:24Z
Modified
2025-08-09T19:01:29Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

NFSv4.0: Fix a use-after-free problem in the asynchronous open()

Yang Erkun reports that when two threads are opening files at the same time, and are forced to abort before a reply is seen, then the call to nfsreleaseseqid() in nfs4opendatafree() can result in a use-after-free of the pointer to the defunct rpc task of the other thread. The fix is to ensure that if the RPC call is aborted before the call to nfswaitonsequence() is complete, then we must call nfsreleaseseqid() in nfs4openrelease() before the rpctask is freed.

References

Affected packages