CVE-2022-50385

Summary

In the Linux kernel, the following vulnerability has been resolved:

NFS: Fix an Oops in nfs_d_automount()

When mounting from a NFSv4 referral, path->dentry can end up being a negative dentry, so derive the struct nfs_server from the dentry itself instead.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux2b0143b5c986be1ce8408b3aadc4709e0a94429d < 5458bc0f9df639d83471ca384152cc62dbee0aebaffected
LinuxLinux2b0143b5c986be1ce8408b3aadc4709e0a94429d < f12377abac15fb4e8698225ac386894f8ae63598affected
LinuxLinux2b0143b5c986be1ce8408b3aadc4709e0a94429d < b6fd25d64b0de27991d6bd677f0adf69ad6ff07aaffected
LinuxLinux2b0143b5c986be1ce8408b3aadc4709e0a94429d < 6f3d56783fbed861e483736a7001bdafd0dddd53affected
LinuxLinux2b0143b5c986be1ce8408b3aadc4709e0a94429d < 35e3b6ae84935d0d7ff76cbdaa83411b0ad5e471affected
LinuxLinux4.1affected
LinuxLinux0 < 4.1unaffected
LinuxLinux5.10.163 <= 5.10.*unaffected
LinuxLinux5.15.86 <= 5.15.*unaffected
LinuxLinux6.0.16 <= 6.0.*unaffected
LinuxLinux6.1.2 <= 6.1.*unaffected
LinuxLinux6.2 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References