Linux Kernel NFS Deadlock Vulnerability in nfsd by Vendor
CVE-2025-37871

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 9 May 2025

Summary

The Linux kernel's NFS subsystem was identified to contain a deadlock issue tied to the handling of delegations in the nfsd process. In specific scenarios, when invoking nfs4_put_stid following a failed dl_recall operation, a deadlock warning could emerge. This occurs during the deletion process of associated file leases which failed to decrease the reference count correctly, potentially blocking the necessary operations that release resources. The recent revisions have implemented a more effective way to manage the reference count directly within nfsd_break_one_deleg, thus preventing deadlock conditions and enhancing the overall stability of NFS operations. Users are advised to stay updated with the latest kernel patches to mitigate this risk.

Affected Version(s)

Linux b874cdef4e67e5150e07eff0eae1cbb21fb92da1

Linux cdb796137c57e68ca34518d53be53b679351eb86

Linux d96587cc93ec369031bcd7658c6adc719873c9fd

References

https://git.kernel.org/stable/c/b9bbe8f9d5663311d06667ce3...

https://git.kernel.org/stable/c/a70832d3555987035fc430ccd...

https://git.kernel.org/stable/c/ba903539fff745d592d893c71...

Timeline

Vulnerability published
May 9, 2025
Vulnerability Reserved
Apr 16, 2025