CVE-2022-43945
CVSS V2 None
CVSS V3 High 7.5
Description
The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Overview
- CVE ID
- CVE-2022-43945
- Assigner
- disclosure@synopsys.com
- Vulnerability Status
- Modified
- Published Version
- 2022-11-04T19:15:11
- Last Modified Date
- 2023-03-08T18:15:11
Weakness Enumerations
CPE Configuration (Product)
| CPE | Vulnerable | Operator | Version Start | Version End |
|---|---|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 1 | OR | 5.19.17 | |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 1 | OR | 6.0 | 6.0.2 |
CVSS Version 3
- Version
- 3.1
- Vector String
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Attack Vector
- NETWORK
- Attack Compatibility
- LOW
- Privileges Required
- NONE
- User Interaction
- NONE
- Scope
- UNCHANGED
- Confidentiality Impact
- NONE
- Availability Impact
- HIGH
- Base Score
- 7.5
- Base Severity
- HIGH
- Exploitability Score
- 3.9
- Impact Score
- 3.6
References
| Reference URL | Reference Tags |
|---|---|
| http://packetstormsecurity.com/files/171289/Kernel-Live-Patch-Security-Notice-LNS-0092-1.html | |
| https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f90497a16e434c2211c66e3de8e77b17868382b8 | Mailing List Patch Vendor Advisory |
| https://security.netapp.com/advisory/ntap-20221215-0006/ | Third Party Advisory |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2022-43945 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43945 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2022-11-04 20:00:08 | Added to TrackCVE | |||
| 2022-12-07 17:24:14 | 2022-11-04T19:15Z | 2022-11-04T19:15:11 | CVE Published Date | updated |
| 2022-12-07 17:24:14 | 2022-11-07T17:31:41 | CVE Modified Date | updated | |
| 2022-12-07 17:24:14 | Analyzed | Vulnerability Status | updated | |
| 2022-12-07 17:24:16 | CPE Information | updated | ||
| 2022-12-15 19:15:35 | 2022-12-15T19:15:25 | CVE Modified Date | updated | |
| 2022-12-15 19:15:35 | Analyzed | Modified | Vulnerability Status | updated |
| 2022-12-15 19:15:36 | References | updated | ||
| 2022-12-18 09:27:02 | Modified | Undergoing Analysis | Vulnerability Status | updated |
| 2023-02-17 04:12:50 | 2023-02-17T03:44:24 | CVE Modified Date | updated | |
| 2023-02-17 04:12:50 | Undergoing Analysis | Analyzed | Vulnerability Status | updated |
| 2023-02-17 04:12:51 | Weakness Enumeration | update | ||
| 2023-03-08 19:18:16 | 2023-03-08T18:15:11 | CVE Modified Date | updated | |
| 2023-03-08 19:18:16 | Analyzed | Modified | Vulnerability Status | updated |
| 2023-03-08 19:18:17 | References | updated |