GSD-2023-1000754

See a problem?
Please try reporting it to the source first.

Source

https://data.gsd.id/GSD-2023-1000754

Import Source

https://github.com/cloudsecurityalliance/gsd-database/blob/main/2023/1000xxx/GSD-2023-1000754.json

JSON Data

https://api.osv.dev/v1/vulns/GSD-2023-1000754

Published

2023-01-17T18:07:19.041216Z

Modified

2023-02-22T09:43:52.624044Z

Summary

NFSv4: Fix a credential leak in _nfs4_discover_trunking()

Details

NFSv4: Fix a credential leak in nfs4discover_trunking()

This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit dfad5d5e7511933c2ae3d12a8131840074c5a73d, it was introduced in version v5.19 by commit 4f40a5b5544618b096d1611a18219dd91fd57f80. For more details please see the references link.

References

Affected packages

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/
Events: Introduced

4f40a5b5544618b096d1611a18219dd91fd57f80

Limit

dfad5d5e7511933c2ae3d12a8131840074c5a73d

Affected versions

v5.*

v5.19

v5.19-rc5

v5.19-rc6

v5.19-rc7

v5.19-rc8

v6.*

v6.0

v6.0-rc1

v6.0-rc2

v6.0-rc3

v6.0-rc4

v6.0-rc5

v6.0-rc6

v6.0-rc7

v6.0.1

v6.0.10

v6.0.11

v6.0.12

v6.0.13

v6.0.14

v6.0.15

v6.0.2

v6.0.3

v6.0.4

v6.0.5

v6.0.6

v6.0.7

v6.0.8

v6.0.9