{"uuid": "1fcbdc4e-038b-4b28-a825-53d97d2a1d3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48828", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19694", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-48828\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: Fix ia_size underflow\n\niattr::ia_size is a loff_t, which is a signed 64-bit type. NFSv3 and\nNFSv4 both define file size as an unsigned 64-bit type. Thus there\nis a range of valid file size values an NFS client can send that is\nalready larger than Linux can handle.\n\nCurrently decode_fattr4() dumps a full u64 value into ia_size. If\nthat value happens to be larger than S64_MAX, then ia_size\nunderflows. I'm about to fix up the NFSv3 behavior as well, so let's\ncatch the underflow in the common code path: nfsd_setattr().\n\ud83d\udccf Published: 2024-07-16T11:44:12.660Z\n\ud83d\udccf Modified: 2025-06-27T10:21:08.711Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/d2211e6e34d0755f35e2f8c22d81999fa81cfc71\n2. https://git.kernel.org/stable/c/38d02ba22e43b6fc7d291cf724bc6e3b7be6626b\n3. https://git.kernel.org/stable/c/8e0ecaf7a7e57b30284d6b3289cc436100fadc48\n4. https://git.kernel.org/stable/c/da22ca1ad548429d7822011c54cfe210718e0aa7\n5. https://git.kernel.org/stable/c/e6faac3f58c7c4176b66f63def17a34232a17b0e", "creation_timestamp": "2025-06-27T10:49:59.000000Z"}