Lucene search
416baaa9-dc9f-4396-8d5f-8c081fb06d67NVD:CVE-2022-48829HistoryJul 16, 2024 - 12:15 p.m.
CVE-2022-48829
2024-07-1612:15:06
416baaa9-dc9f-4396-8d5f-8c081fb06d67
web.nvd.nist.gov
6
linux kernel
nfsd
nfsv3
vulnerability
setattr/create
handling
large file sizes
EPSS
0
Percentile
16.0%
In the Linux kernel, the following vulnerability has been resolved:
NFSD: Fix NFSv3 SETATTR/CREATE’s handling of large file sizes
iattr::ia_size is a loff_t, so these NFSv3 procedures must be
careful to deal with incoming client size values that are larger
than s64_max without corrupting the value.
Silently capping the value results in storing a different value
than the client passed in which is unexpected behavior, so remove
the min_t() check in decode_sattr3().
Note that RFC 1813 permits only the WRITE procedure to return
NFS3ERR_FBIG. We believe that NFSv3 reference implementations
also return NFS3ERR_FBIG when ia_size is too large.
Related
redhatcve
redhatcve
CVE-2022-48829
2024-07-16 21:25:41
ubuntucve
ubuntucve
CVE-2022-48829
2024-07-16 00:00:00
cvelist
cvelist
CVE-2022-48829 NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes
2024-07-16 11:44:13
vulnrichment
vulnrichment
CVE-2022-48829 NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes
2024-07-16 11:44:13
debiancve
debiancve
CVE-2022-48829
2024-07-16 12:15:06
cve
cve
CVE-2022-48829
2024-07-16 12:15:06
osv
osv
CVE-2022-48829
2024-07-16 12:15:06
nessus
nessus
Amazon Linux 2 : kernel (ALASKERNEL-5.10-2024-064)
2024-07-23 00:00:00
RHEL 8 : kernel-rt (RHSA-2024:5282)
2024-08-13 00:00:00
RHEL 8 : kernel (RHSA-2024:5266)
2024-08-13 00:00:00
redhat
redhat
(RHSA-2024:5282) Important: kernel-rt security update
2024-08-13 14:21:27
(RHSA-2024:5266) Important: kernel security update
2024-08-13 07:17:14
(RHSA-2024:5281) Important: kernel security update
2024-08-13 14:20:59
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:2901-1)
2024-08-15 00:00:00
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:2947-1)
2024-08-20 00:00:00