PT-2022-6187 · Linux+9 · Linux Kernel+9

Published

2022-09-26

·

Updated

2025-12-04

·

CVE-2022-43945

CVSS v2.0

7.8

High

VectorAV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.19.17 and 6.0.2
Description The issue is related to a buffer overflow in the Linux kernel NFSD implementation. It occurs because NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space. This can lead to a denial of service.
Recommendations For versions prior to 5.19.17, update to version 5.19.17 or later. For versions prior to 6.0.2, update to version 6.0.2 or later. As a temporary workaround, consider restricting access to the NFSD implementation until a patch is available.

Fix

Allocation of Resources Without Limits

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-131CWE-770

Related Identifiers

ALSA-2023:0300
ALSA-2023:0334
ALSA-2023:0832
ALSA-2023:0854
ALT-PU-2022-2913
ALT-PU-2022-2915
ALT-PU-2022-2919
ALT-PU-2022-2925
ALT-PU-2022-3358
ALT-PU-2023-1684
ALT-PU-2023-1741
ALT-PU-2023-1814
ALT-PU-2023-4894
AZL-11379
BDU:2023-00360
CESA-2023_0832
CESA-2023_0839
CESA-2023_0854
CVE-2022-43945
DSA-5730-1
LSN-0092-1
MGASA-2022-0442
MGASA-2022-0443
OPENSUSE-SU-2022_4503-1
OPENSUSE-SU-2022_4504-1
OPENSUSE-SU-2022_4574-1
OPENSUSE-SU-2022_4585-1
OPENSUSE-SU-2022_4613-1
OPENSUSE-SU-2022_4616-1
OPENSUSE-SU-2022_4617-1
RHSA-2022:8973
RHSA-2022:8974
RHSA-2022:9082
RHSA-2023:0300
RHSA-2023:0334
RHSA-2023:0348
RHSA-2023:0832
RHSA-2023:0839
RHSA-2023:0854
RHSA-2023_0300
RHSA-2023_0334
RHSA-2023_0832
RHSA-2023_0854
RLSA-2023:0300
RLSA-2023:0334
RLSA-2023:0832
RLSA-2023:0854
RXSA-2023:0334
RXSA-2023:0832
SUSE-SU-2022:4503-1
SUSE-SU-2022:4504-1
SUSE-SU-2022:4505-1
SUSE-SU-2022:4506-1
SUSE-SU-2022:4510-1
SUSE-SU-2022:4513-1
SUSE-SU-2022:4515-1
SUSE-SU-2022:4516-1
SUSE-SU-2022:4517-1
SUSE-SU-2022:4518-1
SUSE-SU-2022:4520-1
SUSE-SU-2022:4527-1
SUSE-SU-2022:4528-1
SUSE-SU-2022:4533-1
SUSE-SU-2022:4534-1
SUSE-SU-2022:4539-1
SUSE-SU-2022:4542-1
SUSE-SU-2022:4543-1
SUSE-SU-2022:4544-1
SUSE-SU-2022:4545-1
SUSE-SU-2022:4546-1
SUSE-SU-2022:4550-1
SUSE-SU-2022:4551-1
SUSE-SU-2022:4559-1
SUSE-SU-2022:4560-1
SUSE-SU-2022:4561-1
SUSE-SU-2022:4562-1
SUSE-SU-2022:4566-1
SUSE-SU-2022:4569-1
SUSE-SU-2022:4572-1
SUSE-SU-2022:4573-1
SUSE-SU-2022:4574-1
SUSE-SU-2022:4577-1
SUSE-SU-2022:4580-1
SUSE-SU-2022:4585-1
SUSE-SU-2022:4587-1
SUSE-SU-2022:4589-1
SUSE-SU-2022:4595-1
SUSE-SU-2022:4611-1
SUSE-SU-2022:4613-1
SUSE-SU-2022:4614-1
SUSE-SU-2022:4615-1
SUSE-SU-2022:4616-1
SUSE-SU-2022:4617-1
SUSE-SU-2023:2146-1
SUSE-SU-2023:2148-1
SUSE-SU-2023:2151-1
SUSE-SU-2023:2162-1
SUSE-SU-2023:2163-1
SUSE-SU-2023:2232-1
SUSE-SU-2025:03613-1
SUSE-SU-2025:03614-1
SUSE-SU-2025:03615-1
SUSE-SU-2025:03626-1
SUSE-SU-2025:03628-1
SUSE-SU-2025:3716-1
SUSE-SU-2025:3761-1
SUSE-SU-2025:4111-1
SUSE-SU-2025:4135-1
SUSE-SU-2025:4139-1
SUSE-SU-2025:4149-1
SUSE-SU-2025:4188-1
SUSE-SU-2025:4189-1
SUSE-SU-2025:4320-1
SUSE-SU-2025_4111-1
SUSE-SU-2025_4188-1
SUSE-SU-2025_4320-1
USN-5754-1
USN-5754-2
USN-5755-1
USN-5755-2
USN-5773-1
USN-5779-1
USN-5789-1
USN-5794-1
USN-5802-1
USN-5804-1
USN-5804-2
USN-5808-1
USN-5813-1
USN-5829-1
USN-5830-1
USN-5861-1
USN-5863-1
USN-5875-1
USN-5914-1
USN-5918-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Rocky Linux
Suse
Ubuntu