{"id":"CVE-2025-38567","summary":"nfsd: avoid ref leak in nfsd_open_local_fh()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: avoid ref leak in nfsd_open_local_fh()\n\nIf two calls to nfsd_open_local_fh() race and both successfully call\nnfsd_file_acquire_local(), they will both get an extra reference to the\nnet to accompany the file reference stored in *pnf.\n\nOne of them will fail to store (using xchg()) the file reference in\n*pnf and will drop that reference but WON'T drop the accompanying\nreference to the net.  This leak means that when the nfs server is shut\ndown it will hang in nfsd_shutdown_net() waiting for\n&nn-\u003enfsd_net_free_done.\n\nThis patch adds the missing nfsd_net_put().","modified":"2026-04-02T12:48:01.843236Z","published":"2025-08-19T17:02:48.306Z","database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38567.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/c4bf8f26c51e51bbb840935659a7b3b65a802c07"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e5a73150776f18547ee685c9f6bfafe549714899"},{"type":"WEB","url":"https://git.kernel.org/stable/c/fcb0a417fddb605530c4837e0996620f8ed38023"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38567.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38567"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"986a21ace186433e0397a59491646edad8c8d636"},{"fixed":"fcb0a417fddb605530c4837e0996620f8ed38023"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"e6f7e1487ab528a6c653bd0d42812ff2942846cd"},{"fixed":"c4bf8f26c51e51bbb840935659a7b3b65a802c07"},{"fixed":"e5a73150776f18547ee685c9f6bfafe549714899"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-38567.json"}}],"schema_version":"1.7.5"}