CVE-2022-50345

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel’s Network File System Daemon (NFSD) contained a flaw where a client could force a shrinkage of the send buffer on TCP by sending a large RPC Call header within an RPC record. This could lead to a send buffer overflow in NFSv3 READ operations. The issue stemmed from the conservation of pages held by each nfsd thread by combining RPC receive and send buffers.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.