CVE Tools
Sign in

CVE-2022-48828

NFSD: Fix ia_size underflow

Published: Jul 16, 2024Updated: May 12, 2026 Sources: CVE List NVD BDU csafCWE-191
NVD MITRE
5.5CVSSMEDIUM
EPSS Score
0.3%
Top 83.9%
CISA KEV
Not in KEV
Exploits
No Known Exploits
Remediation
Patch Available

Description

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix ia_size underflow iattr::ia_size is a loff_t, which is a signed 64-bit type. NFSv3 and NFSv4 both define file size as an unsigned 64-bit type. Thus there is a range of valid file size values an NFS client can send that is already larger than Linux can handle. Currently decode_fattr4() dumps a full u64 value into ia_size. If that value happens to be larger than S64_MAX, then ia_size underflows. I'm about to fix up the NFSv3 behavior as well, so let's catch the underflow in the common code path: nfsd_setattr().

CVSS Vector Breakdown

AV:LAC:LPR:LUI:NS:UC:NI:NA:H
Exploitability
AV:LAttack Vector
Local
AC:LAttack Complexity
Low
PR:LPrivileges Required
Low
UI:NUser Interaction
None
Scope
S:UScope
Unchanged
Impact
C:NConfidentiality
None
I:NIntegrity
None
A:HAvailability
High
Open in CVSS calculator →

Weaknesses

CWE-191

Affected Products

LinuxLinux
On-premOS
Operating Systems / linux-distro
OpenSUSE LeapNovell Inc.
On-premOS
Operating Systems / linux-distro
Suse Linux Enterprise ServerNovell Inc.
On-premOS
Operating Systems / linux-distro
SUSE Linux Enterprise Server for SAP ApplicationsNovell Inc.
On-premOS
Operating Systems / linux-distro
SUSE Linux Enterprise Software Development KitNovell Inc.
On-premDev Tool
DevTools & CI / build-test-tools
linuxoss-projectOperating Systemsaka the linux kernel
novell inc.commercialUSOperating Systems
and 21 more affected products View all →

Attack Graph

Products CVE Techniques Tactics

Click technique nodes to view MITRE ATT&CK details. Scroll to zoom, drag to pan.

Exploitability

Official Patch Available

MITRE ATT&CK

1 technique
Initial Access
View detailed technique mapping

References

https://git.kernel.org/stable/c/d2211e6e34d0755f35e2f8c22d81999fa81cfc71
git.kernel.org
https://git.kernel.org/stable/c/38d02ba22e43b6fc7d291cf724bc6e3b7be6626b
git.kernel.org
https://git.kernel.org/stable/c/8e0ecaf7a7e57b30284d6b3289cc436100fadc48
git.kernel.org
and 605 more references View all →

Timeline

Published
Jul 16, 2024
Last Updated
May 12, 2026

Unlock Complete Vulnerability Intelligence

Get the full picture for CVE-2022-48828 and every CVE in our database. Create a free account — no credit card required.

Create Free Account
Plain-language analysis
Impact assessment and exploitation scenario in plain English
Attack graph visualization
Interactive attack path and kill chain mapping
Exploit details & PoC links
ExploitDB, Metasploit, GitHub PoCs with direct links
Nuclei scanner templates
Ready-to-use vulnerability scanner templates
Full remediation guide
Patch instructions, workarounds, and compliance impact
Interactive AI chat
Ask questions about this vulnerability in natural language
Related vulnerabilities
Semantically similar CVEs and attack patterns
REST API & MCP access
Integrate vulnerability data into your workflows