CVE-2022-48828

July 16, 2024, 1:43 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix ia_size underflow iattr::ia_size is a loff_t, which is a signed 64-bit type. NFSv3 and NFSv4 both define file size as an unsigned 64-bit type. Thus there is a range of valid file size values an NFS client can send that is already larger than Linux can handle. Currently decode_fattr4() dumps a full u64 value into ia_size. If that value happens to be larger than S64_MAX, then ia_size underflows. I'm about to fix up the NFSv3 behavior as well, so let's catch the underflow in the common code path: nfsd_setattr().

Product(s) Impacted

Product Versions
Linux kernel
  • []

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/38d02ba22e43b6fc7d291cf724bc6e3b7be6626b
https://git.kernel.org/stable/c/8e0ecaf7a7e57b30284d6b3289cc436100fadc48
https://git.kernel.org/stable/c/da22ca1ad548429d7822011c54cfe210718e0aa7
https://git.kernel.org/stable/c/e6faac3f58c7c4176b66f63def17a34232a17b0e

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2024-07-16
CVE-2022-48828

Timeline

Published: July 16, 2024, 12:15 p.m.
Last Modified: July 16, 2024, 1:43 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.