{"id":"CVE-2021-47259","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: Fix use-after-free in nfs4_init_client()\n\nKASAN reports a use-after-free when attempting to mount two different\nexports through two different NICs that belong to the same server.\n\nOlga was able to hit this with kernels starting somewhere between 5.7\nand 5.10, but I traced the patch that introduced the clear_bit() call to\n4.13. So something must have changed in the refcounting of the clp\npointer to make this call to nfs_put_client() the very last one.","modified":"2026-03-13T05:20:39.025672Z","published":"2024-05-21T15:15:14.610Z","related":["SUSE-SU-2024:2010-1","SUSE-SU-2024:2183-1","SUSE-SU-2024:2185-1"],"references":[{"type":"FIX","url":"https://git.kernel.org/stable/c/c7eab9e2d7b4e983ce280276fb920af649955897"},{"type":"FIX","url":"https://git.kernel.org/stable/c/3e3c7ebbfac152d08be75c92802a64a1f6471a15"},{"type":"FIX","url":"https://git.kernel.org/stable/c/42c10b0db064e45f5c5ae7019bbf2168ffab766c"},{"type":"FIX","url":"https://git.kernel.org/stable/c/476bdb04c501fc64bf3b8464ffddefc8dbe01577"},{"type":"FIX","url":"https://git.kernel.org/stable/c/72651c6579a25317a90536181d311c663d0329ab"},{"type":"FIX","url":"https://git.kernel.org/stable/c/c3b6cf64dfe4ef96e7341508d50d6998da7062c7"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-47259.json","unresolved_ranges":[{"events":[{"introduced":"4.13"},{"fixed":"4.14.237"}]},{"events":[{"introduced":"4.15"},{"fixed":"4.19.195"}]},{"events":[{"introduced":"4.20"},{"fixed":"5.4.126"}]},{"events":[{"introduced":"5.5"},{"fixed":"5.10.44"}]},{"events":[{"introduced":"5.11"},{"fixed":"5.12.11"}]},{"events":[{"introduced":"0"},{"last_affected":"5.13-rc1"}]},{"events":[{"introduced":"0"},{"last_affected":"5.13-rc2"}]},{"events":[{"introduced":"0"},{"last_affected":"5.13-rc3"}]},{"events":[{"introduced":"0"},{"last_affected":"5.13-rc4"}]},{"events":[{"introduced":"0"},{"last_affected":"5.13-rc5"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}