Public Date:
529227: CVE-2009-3726 kernel: nfsv4: kernel panic in nfs4_proc_lock()

The MITRE CVE dictionary describes this issue as:

The nfs4_proc_lock function in fs/nfs/nfs4proc.c in the NFSv4 client in the Linux kernel before 2.6.31-rc4 allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) by sending a certain response containing incorrect file attributes, which trigger attempted use of an open file that lacks NFSv4 state.

Find out more about CVE-2009-3726 from the MITRE CVE dictionary dictionary and NIST NVD.


The Linux kernel as shipped with Red Hat Enterprise Linux 3 did not have support for NFSv4, and therefore is not affected by this issue. It was addressed in Red Hat Enterprise Linux 4, 5, and Red Hat Enterprise MRG via, and respectively.

CVSS v2 metrics

Base Score 7.2
Base Metrics AV:L/AC:L/Au:N/C:C/I:C/A:C
Access Vector Local
Access Complexity Low
Authentication None
Confidentiality Impact Complete
Integrity Impact Complete
Availability Impact Complete

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 5 (kernel) RHSA-2009:1670 2009-12-15
MRG Grid for RHEL 5 Server (kernel-rt) RHSA-2009:1635 2009-12-03
Red Hat Enterprise Linux 4 (kernel) RHSA-2010:0474 2010-06-15


Red Hat would like to thank Simon Vallet for responsibly reporting this issue.
Last Modified

CVE description copyright © 2017, The MITRE Corporation