CVE-2022-49316CVSS 5.5Linux
CVE-2022-49316: linux kernel vulnerability
In the Linux kernel, the following vulnerability has been resolved: NFSv4: Don't hold the layoutget locks across multiple RPC calls When doing layoutget as part of the open() compound, we have to be careful to release the layout locks before we can call any further RPC calls, such as setattr(). The reason is that those calls could trigger a recall, which could deadlock.
- CVSS
- 5.5 MEDIUM
- EPSS
- 10.55%
- Активно використовується
- немає в KEV
- Продукт
- linux kernel
Що відомо
In the Linux kernel, the following vulnerability has been resolved: NFSv4: Don't hold the layoutget locks across multiple RPC calls When doing layoutget as part of the open() compound, we have to be careful to release the layout locks before we can call any further RPC calls, such as setattr(). The reason is that those calls could trigger a recall, which could deadlock.