CVE-2022-49418

UNKNOWN 0.0

NFSv4: Fix free of uninitialized nfs4_label on referral lookup.

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix free of uninitialized nfs4_label on referral lookup. Send along the already-allocated fattr along with nfs4_fs_locations, and drop the memcpy of fattr. We end up growing two more allocations, but this fixes up a crash as: PID: 790 TASK: ffff88811b43c000 CPU: 0 COMMAND: "ls" #0 [ffffc90000857920] panic at ffffffff81b9bfde #1 [ffffc900008579c0] do_trap at ffffffff81023a9b #2 [ffffc90000857a10] do_error_trap at ffffffff81023b78 #3 [ffffc90000857a58] exc_stack_segment at ffffffff81be1f45 #4 [ffffc90000857a80] asm_exc_stack_segment at ffffffff81c009de #5 [ffffc90000857b08] nfs_lookup at ffffffffa0302322 [nfs] #6 [ffffc90000857b70] __lookup_slow at ffffffff813a4a5f #7 [ffffc90000857c60] walk_component at ffffffff813a86c4 #8 [ffffc90000857cb8] path_lookupat at ffffffff813a9553 #9 [ffffc90000857cf0] filename_lookup at ffffffff813ab86b

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Feb 26, 2025
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

9558a007dbc383d48e7f5a123d0b5ff656c71068 < 6015292653d95ba9f72906e2b65e536aa5807d64 9558a007dbc383d48e7f5a123d0b5ff656c71068 < c3ed222745d9ad7b69299b349a64ba533c64a34f

Linux / Linux

5.16

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/6015292653d95ba9f72906e2b65e536aa5807d64 git.kernel.org: https://git.kernel.org/stable/c/c3ed222745d9ad7b69299b349a64ba533c64a34f