7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
44.7%
The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2
are vulnerable to buffer overflow. NFSD tracks the number of pages held by
each NFSD thread by combining the receive and send buffers of a remote
procedure call (RPC) into a single array of pages. A client can force the
send buffer to shrink by sending an RPC message over TCP with garbage data
added at the end of the message. The RPC message with garbage data is still
correctly formed according to the specification and is passed forward to
handlers. Vulnerable code in NFSD is not expecting the oversized request
and writes beyond the allocated buffer space.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | linux | < 4.15.0-202.213 | UNKNOWN |
ubuntu | 20.04 | noarch | linux | < 5.4.0-137.154 | UNKNOWN |
ubuntu | 22.04 | noarch | linux | < 5.15.0-56.62 | UNKNOWN |
ubuntu | 22.10 | noarch | linux | < 5.19.0-26.27 | UNKNOWN |
ubuntu | 23.04 | noarch | linux | < 6.1.0-16.16 | UNKNOWN |
ubuntu | 14.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 16.04 | noarch | linux | < 4.4.0-236.270) Available with Ubuntu Pro or Ubuntu Pro (Infra-only | UNKNOWN |
ubuntu | 18.04 | noarch | linux-aws | < 4.15.0-1148.160 | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws | < 5.4.0-1094.102 | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws | < 5.15.0-1026.30 | UNKNOWN |
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f90497a16e434c2211c66e3de8e77b17868382b8
launchpad.net/bugs/cve/CVE-2022-43945
nvd.nist.gov/vuln/detail/CVE-2022-43945
security-tracker.debian.org/tracker/CVE-2022-43945
ubuntu.com/security/notices/USN-5754-1
ubuntu.com/security/notices/USN-5754-2
ubuntu.com/security/notices/USN-5755-1
ubuntu.com/security/notices/USN-5755-2
ubuntu.com/security/notices/USN-5773-1
ubuntu.com/security/notices/USN-5779-1
ubuntu.com/security/notices/USN-5789-1
ubuntu.com/security/notices/USN-5794-1
ubuntu.com/security/notices/USN-5802-1
ubuntu.com/security/notices/USN-5804-1
ubuntu.com/security/notices/USN-5804-2
ubuntu.com/security/notices/USN-5808-1
ubuntu.com/security/notices/USN-5813-1
ubuntu.com/security/notices/USN-5829-1
ubuntu.com/security/notices/USN-5830-1
ubuntu.com/security/notices/USN-5861-1
ubuntu.com/security/notices/USN-5863-1
ubuntu.com/security/notices/USN-5875-1
ubuntu.com/security/notices/USN-5914-1
ubuntu.com/security/notices/USN-5918-1
www.cve.org/CVERecord?id=CVE-2022-43945
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
44.7%