PT-2025-38427 · Linux+4 · Linux Kernel+4

Published

2022-09-26

Updated

2025-10-23

CVE-2022-50410

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel's Network File System Daemon (NFSD) related to insufficient protection against send buffer overflows in NFSv2 READ operations. An attacker can exploit this issue by sending a specially crafted RPC Call header within an excessively large RPC record over TCP, causing the send buffer to shrink unexpectedly.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Corruption

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-120

Related Identifiers

ALSA-2025_16880

BDU:2026-02182

CESA-2023_0832

CESA-2023_2951

CVE-2022-50410

OESA-2025-2468

OESA-2025-2469

OESA-2025-2470

RHSA-2023:0832

RHSA-2023:2458

RHSA-2023:2951

RHSA-2023_0832

RHSA-2023_2458

RHSA-2023_2951

SUSE-SU-2025:03613-1

SUSE-SU-2025:03614-1

SUSE-SU-2025:03615-1

SUSE-SU-2025:03626-1

SUSE-SU-2025:03628-1

SUSE-SU-2025:3716-1

SUSE-SU-2025:3761-1

Affected Products

Astra Linux

Centos

Linux Kernel

Red Hat

Suse

PT-2025-38427 · Linux+4 · Linux Kernel+4

CVE-2022-50410

Weakness Enumeration

Related Identifiers

Affected Products

References · 1034