nfsd: never defer requests during idmap lookup

MITRE NVD CVE.ORG JSON API Print: PDF PDF

Summary

CVECVE-2026-45983
StatePUBLISHED
AssignerLinux
Source PriorityCVE Program / NVD first with legacy fallback
Published2026-05-27 14:17:15 UTC
Updated2026-06-16 02:39:11 UTC
DescriptionIn the Linux kernel, the following vulnerability has been resolved: nfsd: never defer requests during idmap lookup During v4 request compound arg decoding, some ops (e.g. SETATTR) can trigger idmap lookup upcalls. When those upcall responses get delayed beyond the allowed time limit, cache_check() will mark the request for deferral and cause it to be dropped. This prevents nfs4svc_encode_compoundres from being executed, and thus the session slot flag NFSD4_SLOT_INUSE never gets cleared. Subsequent client requests will fail with NFSERR_JUKEBOX, given that the slot will be marked as in-use, making the SEQUENCE op fail. Fix this by making sure that the RQ_USEDEFERRAL flag is always clear during nfs4svc_decode_compoundargs(), since no v4 request should ever be deferred.

Risk And Classification

Primary CVSS: v3.1 5.5 MEDIUM from [email protected]

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS: 0.000240000 probability, percentile 0.073320000 (date 2026-06-01)

Problem Types: NVD-CWE-noinfo

CVSS v3.1 Breakdown

Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

NVD Known Affected Configurations (CPE 2.3)

TypeVendorProductVersionUpdateEditionLanguage
Operating System Linux Linux Kernel All All All All

Vendor Declared Affected Products

SourceVendorProductVersionPlatforms
CNA Linux Linux affected 2f425878b6a71571341dcd3f9e9d1a6f6355da9c b9abb760db20504240a7147f27934d900cd80b23 git Not specified
CNA Linux Linux affected 2f425878b6a71571341dcd3f9e9d1a6f6355da9c 3a72c7dedc99b321e0f267e4e999e5baf07c4593 git Not specified
CNA Linux Linux affected 2f425878b6a71571341dcd3f9e9d1a6f6355da9c 99e17b20fddac19a228d213e00f6b9e1c10daff9 git Not specified
CNA Linux Linux affected 2f425878b6a71571341dcd3f9e9d1a6f6355da9c 243f71ed873ff3feeb6f9b5cb145d63f7188b4c4 git Not specified
CNA Linux Linux affected 2f425878b6a71571341dcd3f9e9d1a6f6355da9c 063a6f22478ef929625000a2caf54667725c1dfd git Not specified
CNA Linux Linux affected 2f425878b6a71571341dcd3f9e9d1a6f6355da9c d75ec4504a4340b033b15cad0303988b3089dd93 git Not specified
CNA Linux Linux affected 2f425878b6a71571341dcd3f9e9d1a6f6355da9c 8dff54fe88c0dcd4c55bff9fc2fa6ca968290826 git Not specified
CNA Linux Linux affected 2f425878b6a71571341dcd3f9e9d1a6f6355da9c f9c206cdc4266caad6a9a7f46341420a10f03ccb git Not specified
CNA Linux Linux affected 2.6.30 Not specified
CNA Linux Linux unaffected 2.6.30 semver Not specified
CNA Linux Linux unaffected 5.10.252 5.10.* semver Not specified
CNA Linux Linux unaffected 5.15.202 5.15.* semver Not specified
CNA Linux Linux unaffected 6.1.165 6.1.* semver Not specified
CNA Linux Linux unaffected 6.6.128 6.6.* semver Not specified
CNA Linux Linux unaffected 6.12.75 6.12.* semver Not specified
CNA Linux Linux unaffected 6.18.14 6.18.* semver Not specified
CNA Linux Linux unaffected 6.19.4 6.19.* semver Not specified
CNA Linux Linux unaffected 7.0 * original_commit_for_fix Not specified

References

ReferenceSourceLinkTags
git.kernel.org/stable/c/d75ec4504a4340b033b15cad0303988b3089dd93 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org Patch
git.kernel.org/stable/c/b9abb760db20504240a7147f27934d900cd80b23 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org Patch
git.kernel.org/stable/c/99e17b20fddac19a228d213e00f6b9e1c10daff9 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org Patch
git.kernel.org/stable/c/063a6f22478ef929625000a2caf54667725c1dfd 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org Patch
git.kernel.org/stable/c/243f71ed873ff3feeb6f9b5cb145d63f7188b4c4 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org Patch
git.kernel.org/stable/c/f9c206cdc4266caad6a9a7f46341420a10f03ccb 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org Patch
git.kernel.org/stable/c/3a72c7dedc99b321e0f267e4e999e5baf07c4593 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org Patch
git.kernel.org/stable/c/8dff54fe88c0dcd4c55bff9fc2fa6ca968290826 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org Patch
CVE Program record CVE.ORG www.cve.org canonical
NVD vulnerability detail NVD nvd.nist.gov canonical, analysis
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report