CVE-2024-49974
Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 21/10/2024
Last modified: 03/11/2025
Description
In the Linux kernel, the following vulnerability has been resolved:

NFSD: Limit the number of concurrent async COPY operations

Nothing appears to limit the number of concurrent async COPY
operations that clients can start. In addition, AFAICT each async
COPY can copy an unlimited number of 4MB chunks, so can run for a
long time. Thus IMO async COPY can become a DoS vector.

Add a restriction mechanism that bounds the number of concurrent
background COPY operations. Start simple and try to be fair -- this
patch implements a per-namespace limit.

An async COPY request that occurs while this limit is exceeded gets
NFS4ERR_DELAY. The requesting client can choose to send the request
again after a delay or fall back to a traditional read/write style
copy.

If there is need to make the mechanism more sophisticated, we can
visit that in future patches.
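
A user-space C model of the bounded-admission scheme described above, added here as an illustration and not taken from the kernel patch. The struct, the function names and the limit of 4 are assumptions; only NFS4ERR_DELAY (status 10008 in the NFSv4 RFCs) is a real protocol value.

```c
#include <stdatomic.h>
#include <stdio.h>

#define NFS4_OK        0
#define NFS4ERR_DELAY  10008   /* NFSv4 status code (RFC 7530) */

/* Hypothetical per-namespace state; names and limit are assumptions. */
struct ns_copy_state {
    atomic_int pending;   /* async COPY operations currently running */
    int        max;       /* per-namespace ceiling */
};

/* Admission check: reserve a slot first, roll back if over the limit.
 * Incrementing before comparing avoids a check-then-act race between
 * concurrent requests. */
int async_copy_admit(struct ns_copy_state *ns)
{
    if (atomic_fetch_add(&ns->pending, 1) >= ns->max) {
        atomic_fetch_sub(&ns->pending, 1);
        return NFS4ERR_DELAY;   /* client may retry later or fall back */
    }
    return NFS4_OK;
}

/* Called when a background copy finishes or is cancelled. */
void async_copy_release(struct ns_copy_state *ns)
{
    atomic_fetch_sub(&ns->pending, 1);
}

/* Admit `requests` COPYs without releasing any; return how many got DELAY. */
int count_delayed(struct ns_copy_state *ns, int requests)
{
    int delayed = 0;
    for (int i = 0; i < requests; i++)
        if (async_copy_admit(ns) == NFS4ERR_DELAY)
            delayed++;
    return delayed;
}

int main(void)
{
    struct ns_copy_state ns = { .pending = 0, .max = 4 };  /* constructed limit */
    printf("delayed: %d of 10\n", count_delayed(&ns, 10));
    async_copy_release(&ns);
    printf("admit after one release: %d\n", async_copy_admit(&ns));
    return 0;
}
```

Because a rejected request rolls its increment back, the counter never stays above the ceiling, so a burst of COPY requests cannot starve later ones once running copies complete.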
Impact
Base Score 3.x: 5.50
Severity 3.x: MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.10.14 (excluding) | |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.11 (including) | 6.11.3 (excluding) |
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/43e46ee5efc03990b223f7aa8b77aa9c3d3acfdf
- https://git.kernel.org/stable/c/6a488ad7745b8f64625c6d3a24ce7e448e83f11b
- https://git.kernel.org/stable/c/7ea9260874b779637aff6d24c344b8ef4ac862a0
- https://git.kernel.org/stable/c/9e52ff544e0bfa09ee339fd7b0937ee3c080c24e
- https://git.kernel.org/stable/c/aadc3bbea163b6caaaebfdd2b6c4667fbc726752
- https://git.kernel.org/stable/c/ae267989b7b7933dfedcd26468d0a88fc3a9da9e
- https://git.kernel.org/stable/c/b4e21431a0db4854b5023cd5af001be557e6c3db
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
- https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html



