Lucene search
Redhat.comRH:CVE-2022-48828HistoryJul 16, 2024 - 9:25 p.m.
CVE-2022-48828
2024-07-1621:25:31
redhat.com
access.redhat.com
12
linux kernel
vulnerability
nfsd
ia_size
underflow
fix
nfsv3
nfsv4
decode_fattr4
nfsd_setattr
In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix ia_size underflow iattr::ia_size is a loff_t, which is a signed 64-bit type. NFSv3 and NFSv4 both define file size as an unsigned 64-bit type. Thus there is a range of valid file size values an NFS client can send that is already larger than Linux can handle. Currently decode_fattr4() dumps a full u64 value into ia_size. If that value happens to be larger than S64_MAX, then ia_size underflows. I’m about to fix up the NFSv3 behavior as well, so let’s catch the underflow in the common code path: nfsd_setattr().
Related
ubuntucve
ubuntucve
CVE-2022-48828
2024-07-16 00:00:00
vulnrichment
vulnrichment
CVE-2022-48828 NFSD: Fix ia_size underflow
2024-07-16 11:44:12
debiancve
debiancve
CVE-2022-48828
2024-07-16 12:15:06
nvd
nvd
CVE-2022-48828
2024-07-16 12:15:06
cve
cve
CVE-2022-48828
2024-07-16 12:15:06
osv
osv
CVE-2022-48828
2024-07-16 12:15:06
Security update for the Linux Kernel
2024-08-13 14:05:51
Security update for the Linux Kernel
2024-08-16 09:14:50
cvelist
cvelist
CVE-2022-48828 NFSD: Fix ia_size underflow
2024-07-16 11:44:12
redhat
redhat
(RHSA-2024:5282) Important: kernel-rt security update
2024-08-13 14:21:27
(RHSA-2024:5266) Important: kernel security update
2024-08-13 07:17:14
(RHSA-2024:5281) Important: kernel security update
2024-08-13 14:20:59
nessus
nessus
RHEL 8 : kernel-rt (RHSA-2024:5282)
2024-08-13 00:00:00
RHEL 8 : kernel (RHSA-2024:5266)
2024-08-13 00:00:00
RHEL 8 : kernel (RHSA-2024:5281)
2024-08-13 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:2901-1)
2024-08-15 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-2441)
2024-09-12 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-2394)
2024-09-12 00:00:00