Wiz
Vulnerability DatabaseCVE-2022-4379

CVE-2022-4379
Linux Kernel vulnerability analysis and mitigation

Overview

A use-after-free vulnerability was discovered in _nfs42ssc_open() function in fs/nfs/nfs4file.c in the Linux kernel through version 6.1. The vulnerability was discovered in December 2022 and assigned CVE-2022-4379. The issue affects the NFSv4.2 inter server to server copy implementation (NVD, OSS-SEC).

Technical details

The vulnerability is caused by dereferencing a vfsmount which is freed but still remains on the delayed unmount list. This occurs when nfs42sscopen returns an error when called in nfsd4doasync_copy. The bug can be triggered by two consecutive inter-server-side copies if the first one encounters an error (OSS-SEC). The vulnerability has been assigned a CVSS v3.1 base score of 7.5 (High) (NetApp).

Impact

When successfully exploited, this vulnerability allows an attacker to conduct a remote denial of service attack. The issue affects the system's stability and availability (NVD, NetApp).

Mitigation and workarounds

The issue has been fixed in the Linux kernel through a patch submitted by Dai Ngo. The fix involves removing nfsd4intersscconnect() and leaving the vfsmount for the laundromat to unmount when idle time expires (OSS-SEC). Various Linux distributions have released updates to address this vulnerability, including Fedora and Ubuntu (Fedora).

Additional resources

SourceThis report was generated using AI

Related Linux Kernel vulnerabilities:

CVE ID

Severity

Score

Technologies

Component name

CISA KEV exploit

Has fix

Published date

CVE-2025-40258HIGH7
  • Linux KernelLinux Kernel
  • kernel-zfcpdump-devel-matched
NoNoDec 04, 2025
CVE-2025-40259MEDIUM6.2
  • Linux KernelLinux Kernel
  • kernel-64k-devel
NoNoDec 04, 2025
CVE-2025-40264MEDIUM5.5
  • Linux KernelLinux Kernel
  • kernel-rt-64k-debug-kvm
NoNoDec 04, 2025
CVE-2025-40254MEDIUM5.5
  • Linux KernelLinux Kernel
  • kernel-modules-partner
NoNoDec 04, 2025
CVE-2025-40253MEDIUM5.5
  • Linux KernelLinux Kernel
  • python3-perf
NoNoDec 04, 2025

Free Vulnerability Assessment

Benchmark your Cloud Security Posture

Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.

Request assessment

Additional Wiz resources

Cloud Vulnerability DB

Cloud Vulnerability DB

A community-led vulnerabilities database

Cloud Threat Landscape

Cloud Threat Landscape

A threat intelligence database

PEACH

PEACH

A tenant isolation framework

Get a personalized demo

Ready to see Wiz in action?

"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management
Get a demo