CVE-2025-38430

nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request

  • Severity Score (CVSS): -
  • Exploit Likelihood (EPSS)
  • Affected Versions (CPE)
  • Public Exploits (Multiple Sources): 0
  • Exploited in Wild (KEV): -
  • Decision (SSVC): -

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request

If the request being processed is not a v4 compound request, then examining the cstate can have undefined results.

This patch adds a check that the rpc procedure being executed (rq_procinfo) is the NFSPROC4_COMPOUND procedure.

The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bug fixes.

*Credits: N/A
CVSS Scores
  • Attack Vector: -
  • Attack Complexity: -
  • Privileges Required: -
  • User Interaction: -
  • Scope: -
  • Confidentiality: -
  • Integrity: -
  • Availability: -
* Common Vulnerability Scoring System
SSVC
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
* Organization's Worst-case Scenario
Timeline
  • 2025-04-16 CVE Reserved
  • 2025-07-25 CVE Published
  • 2025-07-28 CVE Updated
  • 2025-08-26 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor  Product       Version     Other  Status
Linux   Linux Kernel  < 5.4.295   en     Affected
Linux   Linux Kernel  < 5.10.239  en     Affected
Linux   Linux Kernel  < 5.15.186  en     Affected
Linux   Linux Kernel  < 6.1.142   en     Affected
Linux   Linux Kernel  < 6.6.95    en     Affected
Linux   Linux Kernel  < 6.12.35   en     Affected
Linux   Linux Kernel  < 6.15.4    en     Affected
Linux   Linux Kernel  < 6.16      en     Affected