Lucene search
LinuxCVE-2022-48829HistoryJul 16, 2024 - 12:15 p.m.
CVE-2022-48829
2024-07-1612:15:06
Linux
web.nvd.nist.gov
33
linux kernel
nfsd
vulnerability
In the Linux kernel, the following vulnerability has been resolved:
NFSD: Fix NFSv3 SETATTR/CREATE’s handling of large file sizes
iattr::ia_size is a loff_t, so these NFSv3 procedures must be
careful to deal with incoming client size values that are larger
than s64_max without corrupting the value.
Silently capping the value results in storing a different value
than the client passed in which is unexpected behavior, so remove
the min_t() check in decode_sattr3().
Note that RFC 1813 permits only the WRITE procedure to return
NFS3ERR_FBIG. We believe that NFSv3 reference implementations
also return NFS3ERR_FBIG when ia_size is too large.
Affected configurations
Node
linuxlinux_kernelRange5.10.0–5.10.220
ORlinuxlinux_kernelRange5.11.0–5.15.24
ORlinuxlinux_kernelRange5.16.0–5.16.10
ORlinuxlinux_kernelRange5.17.0≥
| Vendor | Product | Version | CPE |
|---|---|---|---|
| linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"fs/nfsd/nfs3xdr.c"
],
"versions": [
{
"version": "1da177e4c3f4",
"lessThan": "a231ae6bb50e",
"status": "affected",
"versionType": "git"
},
{
"version": "1da177e4c3f4",
"lessThan": "37f2d2cd8ead",
"status": "affected",
"versionType": "git"
},
{
"version": "1da177e4c3f4",
"lessThan": "aa9051ddb4b3",
"status": "affected",
"versionType": "git"
},
{
"version": "1da177e4c3f4",
"lessThan": "a648fdeb7c0e",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "affected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"fs/nfsd/nfs3xdr.c"
],
"versions": [
{
"version": "5.10.220",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.24",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.16.10",
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.17",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
]
}
]Related
ubuntucve
ubuntucve
CVE-2022-48829
2024-07-16 00:00:00
cvelist
cvelist
CVE-2022-48829 NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes
2024-07-16 11:44:13
nvd
nvd
CVE-2022-48829
2024-07-16 12:15:06
redhatcve
redhatcve
CVE-2022-48829
2024-07-16 21:25:41
vulnrichment
vulnrichment
CVE-2022-48829 NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes
2024-07-16 11:44:13
debiancve
debiancve
CVE-2022-48829
2024-07-16 12:15:06
osv
osv
CVE-2022-48829
2024-07-16 12:15:00
nessus
nessus
Amazon Linux 2 : kernel (ALASKERNEL-5.10-2024-064)
2024-07-23 00:00:00
RHEL 8 : kernel-rt (RHSA-2024:5282)
2024-08-13 00:00:00
RHEL 8 : kernel (RHSA-2024:5266)
2024-08-13 00:00:00
redhat
redhat
(RHSA-2024:5282) Important: kernel-rt security update
2024-08-13 14:21:27
(RHSA-2024:5266) Important: kernel security update
2024-08-13 07:17:14
(RHSA-2024:5281) Important: kernel security update
2024-08-13 14:20:59
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:2901-1)
2024-08-15 00:00:00
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:2947-1)
2024-08-20 00:00:00