VYPR
High severity7.8NVD Advisory· Published Dec 27, 2024· Updated Jun 17, 2026

CVE-2024-53173

CVE-2024-53173

Description

In the Linux kernel, the following vulnerability has been resolved:

NFSv4.0: Fix a use-after-free problem in the asynchronous open()

Yang Erkun reports that when two threads are opening files at the same time, and are forced to abort before a reply is seen, then the call to nfs_release_seqid() in nfs4_opendata_free() can result in a use-after-free of the pointer to the defunct rpc task of the other thread. The fix is to ensure that if the RPC call is aborted before the call to nfs_wait_on_sequence() is complete, then we must call nfs_release_seqid() in nfs4_open_release() before the rpc_task is freed.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

261

Patches

Vulnerability mechanics

References

11

News mentions

0

No linked articles in our index yet.