In the Linux kernel, the following vulnerability has been resolved: nfsd: don't ignore the return code of svc_proc_register() Currently, nfsd_proc_stat_init() ignores the return value of svc_proc_register(). If the procfile creation fails, then the kernel will WARN when it tries to remove the entry later. Fix nfsd_proc_stat_init() to return the same type of pointer as svc_proc_register(), and fix up nfsd_net_init() to check that and fail the nfsd_net construction if it occurs. svc_proc_register() can fail if the dentry can't be allocated, or if an identical dentry already exists. The second case is pretty unlikely in the nfsd_net construction codepath, so if this happens, return -ENOMEM.
Upstream advisory: https://lore.kernel.org/linux-cve-announce/2025041654-CVE-2025-22026-f6be@gregkh/T
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.4 Extended Update Support Via RHSA-2025:13946 https://access.redhat.com/errata/RHSA-2025:13946
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Via RHSA-2025:14003 https://access.redhat.com/errata/RHSA-2025:14003
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Via RHSA-2025:14005 https://access.redhat.com/errata/RHSA-2025:14005
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Via RHSA-2025:14744 https://access.redhat.com/errata/RHSA-2025:14744
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Via RHSA-2025:14749 https://access.redhat.com/errata/RHSA-2025:14749
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2025:16920 https://access.redhat.com/errata/RHSA-2025:16920
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2025:16919 https://access.redhat.com/errata/RHSA-2025:16919
This issue has been addressed in the following products: Red Hat Enterprise Linux 10 Via RHSA-2025:17396 https://access.redhat.com/errata/RHSA-2025:17396
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2025:18281 https://access.redhat.com/errata/RHSA-2025:18281
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Red Hat Enterprise Linux 8.8 Telecommunications Update Service Via RHSA-2025:18932 https://access.redhat.com/errata/RHSA-2025:18932
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Red Hat Enterprise Linux 8.6 Telecommunications Update Service Via RHSA-2025:19222 https://access.redhat.com/errata/RHSA-2025:19222
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Extended Lifecycle Support Via RHSA-2025:21063 https://access.redhat.com/errata/RHSA-2025:21063
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Extended Lifecycle Support Via RHSA-2025:21082 https://access.redhat.com/errata/RHSA-2025:21082
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Via RHSA-2025:21667 https://access.redhat.com/errata/RHSA-2025:21667