CVE-2026-23050

EPSS -
Veröffentlicht 04.02.2026 16:04:19
Zuletzt bearbeitet 04.02.2026 17:16:15
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

pNFS: Fix a deadlock when returning a delegation during open()

Ben Coddington reports seeing a hang in the following stack trace:
  0 [ffffd0b50e1774e0] __schedule at ffffffff9ca05415
  1 [ffffd0b50e177548] schedule at ffffffff9ca05717
  2 [ffffd0b50e177558] bit_wait at ffffffff9ca061e1
  3 [ffffd0b50e177568] __wait_on_bit at ffffffff9ca05cfb
  4 [ffffd0b50e1775c8] out_of_line_wait_on_bit at ffffffff9ca05ea5
  5 [ffffd0b50e177618] pnfs_roc at ffffffffc154207b [nfsv4]
  6 [ffffd0b50e1776b8] _nfs4_proc_delegreturn at ffffffffc1506586 [nfsv4]
  7 [ffffd0b50e177788] nfs4_proc_delegreturn at ffffffffc1507480 [nfsv4]
  8 [ffffd0b50e1777f8] nfs_do_return_delegation at ffffffffc1523e41 [nfsv4]
  9 [ffffd0b50e177838] nfs_inode_set_delegation at ffffffffc1524a75 [nfsv4]
 10 [ffffd0b50e177888] nfs4_process_delegation at ffffffffc14f41dd [nfsv4]
 11 [ffffd0b50e1778a0] _nfs4_opendata_to_nfs4_state at ffffffffc1503edf [nfsv4]
 12 [ffffd0b50e1778c0] _nfs4_open_and_get_state at ffffffffc1504e56 [nfsv4]
 13 [ffffd0b50e177978] _nfs4_do_open at ffffffffc15051b8 [nfsv4]
 14 [ffffd0b50e1779f8] nfs4_do_open at ffffffffc150559c [nfsv4]
 15 [ffffd0b50e177a80] nfs4_atomic_open at ffffffffc15057fb [nfsv4]
 16 [ffffd0b50e177ad0] nfs4_file_open at ffffffffc15219be [nfsv4]
 17 [ffffd0b50e177b78] do_dentry_open at ffffffff9c09e6ea
 18 [ffffd0b50e177ba8] vfs_open at ffffffff9c0a082e
 19 [ffffd0b50e177bd0] dentry_open at ffffffff9c0a0935

The issue is that the delegreturn is being asked to wait for a layout
return that cannot complete because a state recovery was initiated. The
state recovery cannot complete until the open() finishes processing the
delegations it was given.

The solution is to propagate the existing flags that indicate a
non-blocking call to the function pnfs_roc(), so that it knows not to
wait in this situation.

Betroffene Produkte Warnungen 0 Metriken 0 CWE 0 Referenzen 6

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < a316fd9d3065b753b03d802530004aea481512cc

Version 29ade5db12930ec60133f6a02791f4b1a4af2943

Status affected

Version < d6c75aa9d607044d1e5c8498eff0259eed356c32

Version 29ade5db12930ec60133f6a02791f4b1a4af2943

Status affected

Version < 857bf9056291a16785ae3be1d291026b2437fc48

Version 29ade5db12930ec60133f6a02791f4b1a4af2943

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 4.10

Status affected

Version < 4.10

Version 0

Status unaffected

Version <= 6.12.*

Version 6.12.67

Status unaffected

Version <= 6.18.*

Version 6.18.7

Status unaffected

Version <= *

Version 6.19-rc6

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

Es wurden noch keine Metriken (CVSS, EPSS) zu dieser CVE veröffentlicht.

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/a316fd9d3065b753b03d802530004aea481512cc

https://git.kernel.org/stable/c/d6c75aa9d607044d1e5c8498eff0259eed356c32

https://git.kernel.org/stable/c/857bf9056291a16785ae3be1d291026b2437fc48

https://nvd.nist.gov/vuln/detail/CVE-2026-23050

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-23050

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-23050

EUVD