Linux Kernel NFS Client Callback Issue in NFSD
CVE-2025-21795

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
27 February 2025

What is CVE-2025-21795?

A vulnerability in the Linux kernel's NFSD can cause a hang during the nfsd4_shutdown_callback, particularly when the nfs4_client is in a courtesy state. This issue arises because the callback attempt remains in progress due to cl_cb_inflight not being zero, resulting in a prolonged hang of approximately 15 minutes until the TCP layer drops the connection. This vulnerability has been addressed by modifying the nfsd4_run_cb_work function to bypass the RPC call when the nfs4_client is in courtesy state, thereby enhancing overall system stability and performance.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 67ef9e5fd737eab2495f2586df7e9ea30caa1b77

Linux 26540b8940a2e21582afa61a6fb8af87310bac72

Linux 66af25799940b26efd41ea6e648f75c41a48a2c2 < 38d345f612503b850c2973e5a879f88e441b34d7

References

https://git.kernel.org/stable/c/abed68027ea3ab893ac85cc46...
https://git.kernel.org/stable/c/efa8a261c575f816c7e79a87a...
https://git.kernel.org/stable/c/38d345f612503b850c2973e5a...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.