Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
vulnrichmentLinuxVULNRICHMENT:CVE-2022-48828
HistoryJul 16, 2024 - 11:44 a.m.

CVE-2022-48828 NFSD: Fix ia_size underflow

2024-07-1611:44:12
Linux
github.com
2
nfsd
vulnerability
fix
ia_size
underflow
linux kernel
decode_fattr4
nfsv3
nfsv4
nfsd_setattr

AI Score

6.8

Confidence

Low

SSVC

Exploitation

none

Automatable

no

Technical Impact

partial

JSON

In the Linux kernel, the following vulnerability has been resolved:

NFSD: Fix ia_size underflow

iattr::ia_size is a loff_t, which is a signed 64-bit type. NFSv3 and
NFSv4 both define file size as an unsigned 64-bit type. Thus there
is a range of valid file size values an NFS client can send that is
already larger than Linux can handle.

Currently decode_fattr4() dumps a full u64 value into ia_size. If
that value happens to be larger than S64_MAX, then ia_size
underflows. I’m about to fix up the NFSv3 behavior as well, so let’s
catch the underflow in the common code path: nfsd_setattr().

Related

ubuntucve 1
cvelist 1
nvd 1
debiancve 1
cve 1
redhatcve 1
osv 7
nessus 12
redhat 3
openvas 4
ubuntucve
ubuntucve
CVE-2022-48828
2024-07-16 00:00:00
cvelist
cvelist
CVE-2022-48828 NFSD: Fix ia_size underflow
2024-07-16 11:44:12
nvd
nvd
CVE-2022-48828
2024-07-16 12:15:06
debiancve
debiancve
CVE-2022-48828
2024-07-16 12:15:06
cve
cve
CVE-2022-48828
2024-07-16 12:15:06
redhatcve
redhatcve
CVE-2022-48828
2024-07-16 21:25:31
osv
osv
CVE-2022-48828
2024-07-16 12:15:06
Security update for the Linux Kernel
2024-08-16 09:14:50
Security update for the Linux Kernel
2024-08-14 07:24:46
nessus
nessus
RHEL 8 : kernel (RHSA-2024:5266)
2024-08-13 00:00:00
RHEL 8 : kernel-rt (RHSA-2024:5282)
2024-08-13 00:00:00
RHEL 8 : kernel (RHSA-2024:5281)
2024-08-13 00:00:00
redhat
redhat
(RHSA-2024:5282) Important: kernel-rt security update
2024-08-13 14:21:27
(RHSA-2024:5266) Important: kernel security update
2024-08-13 07:17:14
(RHSA-2024:5281) Important: kernel security update
2024-08-13 14:20:59
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:2901-1)
2024-08-15 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-2441)
2024-09-12 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-2394)
2024-09-12 00:00:00

AI Score

6.8

Confidence

Low

SSVC

Exploitation

none

Automatable

no

Technical Impact

partial

JSON
Related for VULNRICHMENT:CVE-2022-48828
ubuntucve1cvelist1nvd1debiancve1cve1redhatcve1osv7nessus12redhat3openvas4