4.7

CVE-2025-39697

NFS: Fix a race when updating an existing write

In the Linux kernel, the following vulnerability has been resolved:

NFS: Fix a race when updating an existing write

After nfs_lock_and_join_requests() tests for whether the request is
still attached to the mapping, nothing prevents a call to
nfs_inode_remove_request() from succeeding until we actually lock the
page group.
The reason is that whoever called nfs_inode_remove_request() doesn't
necessarily have a lock on the page group head.

So in order to avoid races, let's take the page group lock earlier in
nfs_lock_and_join_requests(), and hold it across the removal of the
request in nfs_inode_remove_request().
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.14 < 5.10.242
LinuxLinux Kernel Version >= 5.11 < 5.15.191
LinuxLinux Kernel Version >= 5.16 < 6.1.150
LinuxLinux Kernel Version >= 6.2 < 6.6.104
LinuxLinux Kernel Version >= 6.7 < 6.12.44
LinuxLinux Kernel Version >= 6.13 < 6.16.4
LinuxLinux Kernel Version6.17 Updaterc1
LinuxLinux Kernel Version6.17 Updaterc2
DebianDebian Linux Version11.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.13% 0.03
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.7 1 3.6
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

https://git.kernel.org/stable/c/92278ae36935a54e65fef9f8ea8efe7e80481ace
Patch
https://git.kernel.org/stable/c/202a3432d21ac060629a760fff3b0a39859da3ea
Patch
https://git.kernel.org/stable/c/76d2e3890fb169168c73f2e4f8375c7cc24a765e
Patch
https://git.kernel.org/stable/c/0ff42a32784e0f2cb46a46da8e9f473538c13e1b
Patch
https://git.kernel.org/stable/c/181feb41f0b268e6288bf9a7b984624d7fe2031d
Patch
https://git.kernel.org/stable/c/c32e3c71aaa1c1ba05da88605e2ddd493c58794f
Patch
https://git.kernel.org/stable/c/f230d40147cc37eb3aef4d50e2e2c06ea73d9a77
Patch
https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
Third Party Advisory
Mailing List
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
Third Party Advisory
Mailing List
https://cert-portal.siemens.com/productcert/html/ssa-032379.html
https://cert-portal.siemens.com/productcert/html/ssa-082556.html