Linux Kernel NFSv4 Copy Structure Vulnerability in Network File System Daemon

CVE-2023-53606

What is CVE-2023-53606?

A vulnerability exists in the Linux Kernel's network file system daemon (nfsd) related to the nfsd4_copy struct handling. This issue arises from improper cleanup of references to nfsd_file instances during asynchronous copy operations. Specifically, the potential for a reference count leak occurs if the kthread_create call fails. In this scenario, both the source and destination file references associated with the nfsd4_copy structure can leak, leading to possible resource management issues. The cleanup in the code path has been identified as confusing, requiring changes to ensure that references from the embedded copy structure are accurately managed before the function returns. This fix is crucial to maintaining system stability and resource integrity.

References