A flaw was found in the hanging of mounts in the Linux kernel's NFS4 subsystem where remote servers are unreachable for the client during migration of data from one server to another (during trunking detection). This flaw allows a remote NFS4 server (if the client is connected) to starve the resources, causing a denial of service. The highest threat from this vulnerability is to system availability.
Platform | Package | Release Date | Advisory |
---|---|---|---|
Amazon Linux 1 | kernel | 2022-03-07 23:19 | ALAS-2022-1571 |
Amazon Linux 2 - Core | kernel | 2022-03-07 23:32 | ALAS2-2022-1761 |
Amazon Linux 2 - Kernel-5.10 Extra | kernel | 2022-01-20 23:43 | ALAS2KERNEL-5.10-2022-004 |
Amazon Linux 2 - Kernel-5.4 Extra | kernel | 2022-01-20 19:03 | ALAS2KERNEL-5.4-2022-006 |
Score Type | Score | Vector | |
---|---|---|---|
Amazon Linux | CVSSv3 | 6.5 | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
NVD | CVSSv2 | 3.3 | AV:A/AC:L/Au:N/C:N/I:N/A:P |
NVD | CVSSv3 | 6.5 | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |