Lucene search
LinuxVULNRICHMENT:CVE-2022-48829HistoryJul 16, 2024 - 11:44 a.m.
CVE-2022-48829 NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes
2024-07-1611:44:13
Linux
github.com
1
nfsd
nfsv3
file sizes
linux kernel
vulnerability
In the Linux kernel, the following vulnerability has been resolved:
NFSD: Fix NFSv3 SETATTR/CREATE’s handling of large file sizes
iattr::ia_size is a loff_t, so these NFSv3 procedures must be
careful to deal with incoming client size values that are larger
than s64_max without corrupting the value.
Silently capping the value results in storing a different value
than the client passed in which is unexpected behavior, so remove
the min_t() check in decode_sattr3().
Note that RFC 1813 permits only the WRITE procedure to return
NFS3ERR_FBIG. We believe that NFSv3 reference implementations
also return NFS3ERR_FBIG when ia_size is too large.
Related
ubuntucve
ubuntucve
CVE-2022-48829
2024-07-16 00:00:00
cvelist
cvelist
CVE-2022-48829 NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes
2024-07-16 11:44:13
nvd
nvd
CVE-2022-48829
2024-07-16 12:15:06
redhatcve
redhatcve
CVE-2022-48829
2024-07-16 21:25:41
debiancve
debiancve
CVE-2022-48829
2024-07-16 12:15:06
cve
cve
CVE-2022-48829
2024-07-16 12:15:06
osv
osv
CVE-2022-48829
2024-07-16 12:15:06
nessus
nessus
Amazon Linux 2 : kernel (ALASKERNEL-5.10-2024-064)
2024-07-23 00:00:00
RHEL 8 : kernel-rt (RHSA-2024:5282)
2024-08-13 00:00:00
RHEL 8 : kernel (RHSA-2024:5266)
2024-08-13 00:00:00
redhat
redhat
(RHSA-2024:5266) Important: kernel security update
2024-08-13 07:17:14
(RHSA-2024:5282) Important: kernel-rt security update
2024-08-13 14:21:27
(RHSA-2024:5281) Important: kernel security update
2024-08-13 14:20:59
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:2901-1)
2024-08-15 00:00:00
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:2947-1)
2024-08-20 00:00:00
AI Score
6.7
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2022-48829