CVE-2022-48827

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to the NFSD component in the Linux kernel, where a read operation near the OFFSET MAX value can cause a loff t overflow in the server, leading to an indefinite retry of the request by the client. The Linux NFS client does not handle the NFS error code EINVAL, which is permitted by NFS specifications for a READ operation. To resolve this, out-of-range READ requests are made to succeed and return a short result, with the EOF flag set to prevent the client from retrying the request. This behavior is consistent with Solaris NFS servers. Note that NFSv3 and NFSv4 use u64 offset values on the wire, which must be converted to loff t internally before use.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.