CVE-2022-50385 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix an Oops in nfs_d_automount() When mounting from a NFSv4 referral, path->dentry can end up being a negative dentry, so derive the struct nfs_server from the dentry itself instead.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

References

Link	Providers
https://git.kernel.org/stable/c/35e3b6ae84935d0d7ff76cbdaa83411b0ad5e471
https://git.kernel.org/stable/c/5458bc0f9df639d83471ca384152cc62dbee0aeb
https://git.kernel.org/stable/c/6f3d56783fbed861e483736a7001bdafd0dddd53
https://git.kernel.org/stable/c/b6fd25d64b0de27991d6bd677f0adf69ad6ff07a
https://git.kernel.org/stable/c/f12377abac15fb4e8698225ac386894f8ae63598
https://lore.kernel.org/linux-cve-announce/2025091852-CVE-2022-50385-7787@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2022-50385
https://www.cve.org/CVERecord?id=CVE-2022-50385

History

Fri, 19 Sep 2025 09:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
Vendors & Products		Linux Linux linux Kernel

Fri, 19 Sep 2025 00:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025091852-CVE-2022-50385-7787@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2022-50385 https://www.cve.org/CVERecord?id=CVE-2022-50385
Metrics	threat_severity `None`	cvssV3_1 `{'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}` threat_severity `Important`

Thu, 18 Sep 2025 13:45:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: NFS: Fix an Oops in nfs_d_automount() When mounting from a NFSv4 referral, path->dentry can end up being a negative dentry, so derive the struct nfs_server from the dentry itself instead.
Title		NFS: Fix an Oops in nfs_d_automount()
References		https://git.kernel.org/stable/c/35e3b6ae84935d0d7ff76cbdaa83411b0ad5e471 https://git.kernel.org/stable/c/5458bc0f9df639d83471ca384152cc62dbee0aeb https://git.kernel.org/stable/c/6f3d56783fbed861e483736a7001bdafd0dddd53 https://git.kernel.org/stable/c/b6fd25d64b0de27991d6bd677f0adf69ad6ff07a https://git.kernel.org/stable/c/f12377abac15fb4e8698225ac386894f8ae63598

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-09-18T13:33:06.484Z

Updated: 2025-09-18T13:33:06.484Z

Reserved: 2025-09-17T14:53:06.997Z

Link: CVE-2022-50385

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2025-09-18T14:15:37.353

Modified: 2025-09-19T16:00:46.437

Link: CVE-2022-50385

Redhat

Severity : Important

Publid Date: 2025-09-18T00:00:00Z

Links: CVE-2022-50385 - Bugzilla

Metrics

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object