Vulnerability Details CVE-2025-38028
In the Linux kernel, the following vulnerability has been resolved:
NFS/localio: Fix a race in nfs_local_open_fh()
Once the clp->cl_uuid.lock has been dropped, another CPU could come in
and free the struct nfsd_file that was just added. To prevent that from
happening, take the RCU read lock before dropping the spin lock.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 1.2%
CVSS Severity
CVSS v3 Score 4.7
References
Products affected by CVE-2025-38028
-
cpe:2.3:o:linux:linux_kernel:6.14
-
cpe:2.3:o:linux:linux_kernel:6.14.1
-
cpe:2.3:o:linux:linux_kernel:6.14.2
-
cpe:2.3:o:linux:linux_kernel:6.14.3
-
cpe:2.3:o:linux:linux_kernel:6.14.4
-
cpe:2.3:o:linux:linux_kernel:6.14.5
-
cpe:2.3:o:linux:linux_kernel:6.14.6
-
cpe:2.3:o:linux:linux_kernel:6.14.7
-
cpe:2.3:o:linux:linux_kernel:6.15