CVE-2026-45983
Analyzed Analyzed - Analysis Complete
Kernel NFS Daemon Request Deferral Issue in Linux

Publication date: 2026-05-27

Last updated on: 2026-06-16

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: nfsd: never defer requests during idmap lookup During v4 request compound arg decoding, some ops (e.g. SETATTR) can trigger idmap lookup upcalls. When those upcall responses get delayed beyond the allowed time limit, cache_check() will mark the request for deferral and cause it to be dropped. This prevents nfs4svc_encode_compoundres from being executed, and thus the session slot flag NFSD4_SLOT_INUSE never gets cleared. Subsequent client requests will fail with NFSERR_JUKEBOX, given that the slot will be marked as in-use, making the SEQUENCE op fail. Fix this by making sure that the RQ_USEDEFERRAL flag is always clear during nfs4svc_decode_compoundargs(), since no v4 request should ever be deferred.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-27
Last Modified
2026-06-16
Generated
2026-06-16
AI Q&A
2026-05-27
EPSS Evaluated
2026-06-15
NVD
CVE-2026-45983
EUVD
EUVD-2026-32268
Affected Vendors & Products
Showing 7 associated CPEs
Vendor Product Version / Range
linux linux_kernel From 6.13 (inc) to 6.18.14 (exc)
linux linux_kernel From 6.19 (inc) to 6.19.4 (exc)
linux linux_kernel From 6.2 (inc) to 6.6.128 (exc)
linux linux_kernel From 6.7 (inc) to 6.12.75 (exc)
linux linux_kernel From 5.11 (inc) to 5.15.202 (exc)
linux linux_kernel From 5.16 (inc) to 6.1.165 (exc)
linux linux_kernel From 2.6.30 (inc) to 5.10.252 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the Linux kernel's NFS server (nfsd) related to how it handles idmap lookup during NFSv4 request processing.

During decoding of compound arguments in NFSv4 requests, certain operations like SETATTR can trigger idmap lookup upcalls. If the responses to these upcalls are delayed beyond a set time limit, the system marks the request for deferral and drops it.

Because of this, the function responsible for encoding the compound response (nfs4svc_encode_compoundres) is not executed, leaving a session slot flag (NFSD4_SLOT_INUSE) uncleared. This causes subsequent client requests to fail with an error (NFSERR_JUKEBOX) because the slot remains marked as in-use, causing the SEQUENCE operation to fail.

The fix ensures that no NFSv4 request is ever deferred by clearing the RQ_USEDEFERRAL flag during decoding of compound arguments.

Impact Analysis

This vulnerability can cause NFSv4 client requests to fail unexpectedly.

Specifically, because the session slot flag remains marked as in-use due to dropped requests, subsequent client requests will receive an NFSERR_JUKEBOX error, indicating that the server is unable to process the request.

This can lead to service disruptions or failures in accessing NFS shares, impacting availability and reliability of network file systems.

Mitigation Strategies

The vulnerability has been resolved in the Linux kernel by ensuring that the RQ_USEDEFERRAL flag is always cleared during nfs4svc_decode_compoundargs(), preventing v4 requests from being deferred.

To mitigate this vulnerability, you should update your Linux kernel to the version that includes this fix.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-45983. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart