CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
5.1%
A vulnerability in the Linux kernel’s NFSv4 subsystem caused a NULL pointer dereference in pnfs_mark_matching_lsegs_return(). This issue occurred because _pnfs_return_layout() passed a NULL pnfs_layout_range argument, which was not checked before dereferencing, leading to a system crash.
Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.