{"uuid": "541366a9-625b-42bb-bb1b-b82e1cfa7680", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48828", "type": "seen", "source": "https://t.me/cvedetector/938", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2022-48828 - \"Linux NFSd Signed Integer Underflow\"\", \n  \"Content\": \"CVE ID : CVE-2022-48828 \nPublished : July 16, 2024, 12:15 p.m. | 43\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nNFSD: Fix ia_size underflow  \n  \niattr::ia_size is a loff_t, which is a signed 64-bit type. NFSv3 and  \nNFSv4 both define file size as an unsigned 64-bit type. Thus there  \nis a range of valid file size values an NFS client can send that is  \nalready larger than Linux can handle.  \n  \nCurrently decode_fattr4() dumps a full u64 value into ia_size. If  \nthat value happens to be larger than S64_MAX, then ia_size  \nunderflows. I'm about to fix up the NFSv3 behavior as well, so let's  \ncatch the underflow in the common code path: nfsd_setattr(). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-16T15:26:22.000000Z"}