VYPR
Medium severity5.5NVD Advisory· Published Jul 25, 2025· Updated Jun 17, 2026

CVE-2025-38430

CVE-2025-38430

Description

In the Linux kernel, the following vulnerability has been resolved:

nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request

If the request being processed is not a v4 compound request, then examining the cstate can have undefined results.

This patch adds a check that the rpc procedure being executed (rq_procinfo) is the NFSPROC4_COMPOUND procedure.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

126

Patches

Vulnerability mechanics

References

11

News mentions

0

No linked articles in our index yet.