CVE-2022-49316

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-49316
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49316.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-49316
Downstream
Related
Published
2025-02-26T02:10:43.569Z
Modified
2026-03-20T12:22:21.255325Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
NFSv4: Don't hold the layoutget locks across multiple RPC calls
Details

In the Linux kernel, the following vulnerability has been resolved:

NFSv4: Don't hold the layoutget locks across multiple RPC calls

When doing layoutget as part of the open() compound, we have to be careful to release the layout locks before we can call any further RPC calls, such as setattr(). The reason is that those calls could trigger a recall, which could deadlock.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49316.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
56f487f8c8fc5d6e582b79a86fc132d050129e15
Fixed
6b3fc1496e7227cd6a39a80bbfb7588ef7c7a010
Fixed
a2b3be930e79cc5d9d829f158e31172b2043f0cd
Fixed
0ee5b9644f06b4d3cdcd9544f43f63312e425a4c
Fixed
d4c2a041ed3ba114502d5ed6ace5b1a48d637a8e
Fixed
08d7a26d115cc7892668baa9750f64bd8baca29b
Fixed
ea759ae0a9ae5acee677d722129710ac89cc59c1
Fixed
6949493884fe88500de4af182588e071cf1544ee

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49316.json"