Description
In the Linux kernel, the following vulnerability has been resolved: nfsd: Fix cred ref leak in nfsd_nl_listener_set_doit(). nfsd_nl_listener_set_doit() uses get_current_cred() without put_cred(). As we can see from other callers, svc_xprt_create_from_sa() does not require the extra refcount. nfsd_nl_listener_set_doit() is always in the process context, sendmsg(), and current->cred does not go away. Let's use current_cred() in nfsd_nl_listener_set_doit().
Product status
16a471177496c8e04a9793812c187a2c1a2192fa (git) before 02e87ec0bc706cb93fa47b43d18c4d10102c7d54
16a471177496c8e04a9793812c187a2c1a2192fa (git) before 019debe5851d7355bea9ff0248cc317878924d8f
16a471177496c8e04a9793812c187a2c1a2192fa (git) before cba413765376bb466035c9160fa3130402971e2c
16a471177496c8e04a9793812c187a2c1a2192fa (git) before 92978c83bb4eef55d02a6c990c01c423131eefa7
6.10
Any version before 6.10
6.12.78 (semver)
6.18.19 (semver)
6.19.9 (semver)
7.0 (original_commit_for_fix)
References
git.kernel.org/...c/02e87ec0bc706cb93fa47b43d18c4d10102c7d54
git.kernel.org/...c/019debe5851d7355bea9ff0248cc317878924d8f
git.kernel.org/...c/cba413765376bb466035c9160fa3130402971e2c
git.kernel.org/...c/92978c83bb4eef55d02a6c990c01c423131eefa7