Error Handling Vulnerability in Linux Kernel NFS Component by Linux Foundation
CVE-2025-38400
What is CVE-2025-38400?
A vulnerability exists in the Linux Kernel's Network File System (NFS) component where errors during initialization do not trigger proper cleanup of related system directories. When the initialization function nfs_fs_proc_net_init() fails, it results in the /proc/net/rpc/nfs directory remaining intact when it should be removed. This mismanagement can lead to subsequent errors when attempts are made to remove the non-empty directory, which can cause confusion and resource leaks on the system. Fixes have been established to ensure the proper handling of initialization failures, preventing warnings and maintaining system integrity.
Affected Version(s)
Linux 31dd0cda5aa0547de447aaf184812f85ccc34044 < 8785701fd7cd52ae74c0d2b35b82568df74e9dbb
Linux 6eef21eb7a165601882dad0419a630e32d2d7a2c < 412534a1fb76958b88dca48360c6f3ad4f3390f4
Linux 0bbd429260821dfb81478749837d3e6377949ac6