Bug 2152807 (CVE-2022-4379)

Summary: CVE-2022-4379 kernel: use-after-free in __nfs42_ssc_open() in fs/nfs/nfs4file.c leading to remote Denial of Service attack
Product: [Other] Security Response Reporter: Rohit Keshri <rkeshri>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: high Docs Contact:
Priority: high    
Version: unspecifiedCC: acaringi, allarkin, bhu, chwhite, crwood, ddepaula, debarbos, dfreiber, dhoward, dvlasenk, ezulian, hkrzesin, jarod, jburrell, jfaracco, jferlan, jforbes, jlelli, joe.lawrence, jpoimboe, jshortt, jstancek, jwyatt, kcarcia, kernel-mgr, kpatch-maint, kyoshida, lgoncalv, lleshchi, lzampier, nmurray, ptalbert, qzhao, rhandlin, rogbas, rvrbovsk, scweaver, security-response-team, tyberry, vkumar, walters, williams, ycote
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial of service.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2023-03-23 13:16:46 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2152814, 2152815, 2152816, 2152817, 2152818, 2152827, 2152828, 2152829, 2152830, 2152831, 2152832, 2152833, 2152834, 2152835, 2152836, 2152837, 2153139, 2153140, 2153141, 2153142, 2153143, 2153144, 2153145, 2153146, 2153147, 2153149, 2153150, 2153151, 2153152, 2153153, 2153154, 2153155, 2153156, 2153157, 2156577    
Bug Blocks: 2151886    

Description Rohit Keshri 2022-12-13 06:52:03 UTC 
A use-after-free vulnerability in __nfs42_ssc_open() in fs/nfs/nfs4file.c in Linux kernel through v6.1-rc8, which allows an attacker to conduct remote Denial of Service attack.
Comment 11 Guilherme de Almeida Suckevicz 2022-12-27 18:52:54 UTC 
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 2156577]
Comment 21 errata-xmlrpc 2023-02-28 08:18:42 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:0951 https://access.redhat.com/errata/RHSA-2023:0951
Comment 22 errata-xmlrpc 2023-02-28 09:51:16 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:0979 https://access.redhat.com/errata/RHSA-2023:0979
Comment 23 errata-xmlrpc 2023-02-28 11:42:40 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:1008 https://access.redhat.com/errata/RHSA-2023:1008
Comment 24 errata-xmlrpc 2023-03-14 13:53:47 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Extended Update Support

Via RHSA-2023:1202 https://access.redhat.com/errata/RHSA-2023:1202
Comment 25 errata-xmlrpc 2023-03-14 13:54:03 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Extended Update Support

Via RHSA-2023:1203 https://access.redhat.com/errata/RHSA-2023:1203
Comment 26 errata-xmlrpc 2023-03-23 09:03:35 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Extended Update Support

Via RHSA-2023:1435 https://access.redhat.com/errata/RHSA-2023:1435
Comment 27 Product Security DevOps Team 2023-03-23 13:16:42 UTC 
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2022-4379