CVE-2026-45983
Published: May 27, 2026
Modified: May 27, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: nfsd: never defer requests during idmap lookup During v4 request compound arg decoding, some ops (e.g. SETATTR) can trigger idmap lookup upcalls. When those upcall responses get delayed beyond the allowed time limit, cache_check() will mark the request for deferral and cause it to be dropped. This prevents nfs4svc_encode_compoundres from being executed, and thus the session slot flag NFSD4_SLOT_INUSE never gets cleared. Subsequent client requests will fail with NFSERR_JUKEBOX, given that the slot will be marked as in-use, making the SEQUENCE op fail. Fix this by making sure that the RQ_USEDEFERRAL flag is always clear during nfs4svc_decode_compoundargs(), since no v4 request should ever be deferred.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 2f425878b6a71571341dcd3f9e9d1a6f6355da9c - < b9abb760db20504240a7147f27934d900cd80b23affected 2f425878b6a71571341dcd3f9e9d1a6f6355da9c - < 3a72c7dedc99b321e0f267e4e999e5baf07c4593affected 2f425878b6a71571341dcd3f9e9d1a6f6355da9c - < 99e17b20fddac19a228d213e00f6b9e1c10daff9affected 2f425878b6a71571341dcd3f9e9d1a6f6355da9c - < 243f71ed873ff3feeb6f9b5cb145d63f7188b4c4affected 2f425878b6a71571341dcd3f9e9d1a6f6355da9c - < 063a6f22478ef929625000a2caf54667725c1dfd+3 more versions |
Linux | Linux | affected 2.6.30unaffected 0 - < 2.6.30unaffected 5.10.252 - <= 5.10.*unaffected 5.15.202 - <= 5.15.*unaffected 6.1.165 - <= 6.1.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now