CVE-2022-49316

Severity: Medium (CVSS 3.1 base score 5.5) · EPSS 9.9%
Published Feb 26, 2025 · Last Modified Jun 17, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

NFSv4: Don't hold the layoutget locks across multiple RPC calls

When doing layoutget as part of the open() compound, we have to be careful to release the layout locks before we can call any further RPC calls, such as setattr(). The reason is that those calls could trigger a recall, which could deadlock.

CVSS Details

Base Score: 5.5
Exploitability: 1.8
Impact: 3.6
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High

Threat Intelligence

EPSS Exploit Probability: 9.9% percentile
Exploit & Patch Status: No Known Exploit, Patch Available

Weaknesses 1

CWE-667

Affected Products 6

Vendor  Product       Version  Range
linux   linux_kernel  *        <4.19.247
linux   linux_kernel  *        ≥4.20 – <5.4.198
linux   linux_kernel  *        ≥5.5 – <5.10.122
linux   linux_kernel  *        ≥5.11 – <5.15.47
linux   linux_kernel  *        ≥5.16 – <5.17.15
linux   linux_kernel  *        ≥5.18 – <5.18.4

References 7

  • git.kernel.org https://git.kernel.org/stable/c/08d7a26d115cc7892668baa9750f64bd8baca29b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/0ee5b9644f06b4d3cdcd9544f43f63312e425a4c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6949493884fe88500de4af182588e071cf1544ee
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6b3fc1496e7227cd6a39a80bbfb7588ef7c7a010
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a2b3be930e79cc5d9d829f158e31172b2043f0cd
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d4c2a041ed3ba114502d5ed6ace5b1a48d637a8e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ea759ae0a9ae5acee677d722129710ac89cc59c1
    Patch
