CVE-2022-50410: Out-of-bounds Write in Linux

Severity: 7.8 HIGH (NVD)
EPSS: 0.0% (top 94.94%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Sep 18

Description

In the Linux kernel, the following vulnerability has been resolved:

NFSD: Protect against send buffer overflow in NFSv2 READ

Since before the git era, NFSD has conserved the number of pages held by each nfsd thread by combining the RPC receive and send buffers into a single array of pages. This works because there are no cases where an operation needs a large RPC Call message and a large RPC Reply at the same time.

Once an RPC Call has been received, svc_process() updates svc_rqst::rq_res to

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 | Impact: 5.9

Affected Packages (4 packages)

NVD: linux/linux_kernel, 5.11, 5.15.75 (+3)
Debian: linux/linux_kernel, < 5.10.221-1 (+3)
CVEListV5: linux/linux, 4452435948424e5322c2a2fefbdc2cf3732cc45d, 2007867c5874134f2271eb276398208070049dd3 (+5)
debian: debian/linux, < linux 6.0.3-1 (bookworm)

Patches

Vulnerability Details (2)

OSV (2025-09-18)
CVE-2022-50410: In the Linux kernel, the following vulnerability has been resolved: NFSD: Protect against send buffer overflow in NFSv2 READ Since before the git era,
GHSA (2025-09-18)
GHSA-fcpw-f2ff-x55p: In the Linux kernel, the following vulnerability has been resolved: NFSD: Protect against send buffer overflow in NFSv2 READ Since before the git er

Vendor Advisories (2)

Red Hat (2025-09-18)
kernel: NFSD: Protect against send buffer overflow in NFSv2 READ
Debian (2022)
CVE-2022-50410: linux - In the Linux kernel, the following vulnerability has been resolved: NFSD: Prote...
CVE-2022-50410 — Out-of-bounds Write in Linux | cvebase