DEBIAN-CVE-2022-49418
- Source
- https://security-tracker.debian.org/tracker/CVE-2022-49418
- Import Source
- https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2022-49418.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2022-49418
- Upstream
- Published
- 2025-02-26T07:01:18Z
- Modified
- 2025-09-19T06:16:21Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix free of uninitialized nfs4label on referral lookup. Send along the already-allocated fattr along with nfs4fslocations, and drop the memcpy of fattr. We end up growing two more allocations, but this fixes up a crash as: PID: 790 TASK: ffff88811b43c000 CPU: 0 COMMAND: "ls" #0 [ffffc90000857920] panic at ffffffff81b9bfde #1 [ffffc900008579c0] dotrap at ffffffff81023a9b #2 [ffffc90000857a10] doerrortrap at ffffffff81023b78 #3 [ffffc90000857a58] excstacksegment at ffffffff81be1f45 #4 [ffffc90000857a80] asmexcstacksegment at ffffffff81c009de #5 [ffffc90000857b08] nfslookup at ffffffffa0302322 [nfs] #6 [ffffc90000857b70] _lookupslow at ffffffff813a4a5f #7 [ffffc90000857c60] walkcomponent at ffffffff813a86c4 #8 [ffffc90000857cb8] pathlookupat at ffffffff813a9553 #9 [ffffc90000857cf0] filename_lookup at ffffffff813ab86b
- References
Affected packages
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source