7.8

CVE-2022-50235

NFSD: Protect against send buffer overflow in NFSv2 READDIR

In the Linux kernel, the following vulnerability has been resolved:

NFSD: Protect against send buffer overflow in NFSv2 READDIR

Restore the previous limit on the @count argument to prevent a
buffer overflow attack.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.15.12 < 5.15.75
LinuxLinux Kernel Version >= 5.16.1 < 5.19.17
LinuxLinux Kernel Version >= 6.0 < 6.0.3
LinuxLinux Kernel Version5.16 Update-
LinuxLinux Kernel Version5.16 Updaterc7
LinuxLinux Kernel Version5.16 Updaterc8
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.17% 0.066
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://git.kernel.org/stable/c/0e57d696f60dee6117a8ace0cac7c5761d375277
Patch
https://git.kernel.org/stable/c/dc7f225090c29a5f3b9419b1af32846a201555e7
Patch
https://git.kernel.org/stable/c/c2a878095b5c6f04f90553a3c45872f990dab14e
Patch
https://git.kernel.org/stable/c/f59c74df82f6ac9d2ea4e01aa3ae7c6c4481652d
Patch
https://git.kernel.org/stable/c/00b4492686e0497fdb924a9d4c8f6f99377e176c
Patch