{"api_version":"1","generated_at":"2026-04-22T20:30:29+00:00","cve":"CVE-2022-43945","urls":{"html":"https://cve.report/CVE-2022-43945","api":"https://cve.report/api/cve/CVE-2022-43945.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2022-43945","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2022-43945"},"summary":{"title":"CVE-2022-43945","description":"The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","state":"PUBLIC","assigner":"disclosure@synopsys.com","published_at":"2022-11-04 19:15:00","updated_at":"2023-03-08 18:15:00"},"problem_types":["CWE-770"],"metrics":[],"references":[{"url":"https://security.netapp.com/advisory/ntap-20221215-0006/","name":"https://security.netapp.com/advisory/ntap-20221215-0006/","refsource":"CONFIRM","tags":[],"title":"CVE-2022-43945 Linux Kernel Vulnerability in NetApp Products | NetApp Product Security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://packetstormsecurity.com/files/171289/Kernel-Live-Patch-Security-Notice-LNS-0092-1.html","name":"http://packetstormsecurity.com/files/171289/Kernel-Live-Patch-Security-Notice-LNS-0092-1.html","refsource":"MISC","tags":[],"title":"Kernel Live Patch Security Notice LNS-0092-1 ≈ Packet Storm","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f90497a16e434c2211c66e3de8e77b17868382b8","name":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f90497a16e434c2211c66e3de8e77b17868382b8","refsource":"MISC","tags":[],"title":"kernel/git/torvalds/linux.git - Linux kernel source tree","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2022-43945","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-43945","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2022","cve_id":"43945","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"43945","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"active_iq_unified_manager","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"vmware_vsphere","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"43945","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"netapp","cpe5":"h300s","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"43945","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"netapp","cpe5":"h300s_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"43945","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"netapp","cpe5":"h410c","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"43945","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"netapp","cpe5":"h410c_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"43945","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"netapp","cpe5":"h410s","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"43945","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"netapp","cpe5":"h410s_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"43945","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"netapp","cpe5":"h500s","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"43945","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"netapp","cpe5":"h500s_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"43945","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"netapp","cpe5":"h700s","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"43945","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"netapp","cpe5":"h700s_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2022-43945","qid":"160423","title":"Oracle Enterprise Linux Security Update for kernel (ELSA-2023-0334)"},{"cve":"CVE-2022-43945","qid":"160476","title":"Oracle Enterprise Linux Security Update for kernel (ELSA-2023-0832)"},{"cve":"CVE-2022-43945","qid":"184401","title":"Debian Security Update for linux (CVE-2022-43945)"},{"cve":"CVE-2022-43945","qid":"199055","title":"Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5754-1)"},{"cve":"CVE-2022-43945","qid":"199057","title":"Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5755-1)"},{"cve":"CVE-2022-43945","qid":"199061","title":"Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5755-2)"},{"cve":"CVE-2022-43945","qid":"199071","title":"Ubuntu Security Notification for Linux kernel (Azure) Vulnerabilities (USN-5754-2)"},{"cve":"CVE-2022-43945","qid":"199073","title":"Ubuntu Security Notification for Linux kernel (OEM) Vulnerabilities (USN-5773-1)"},{"cve":"CVE-2022-43945","qid":"199078","title":"Ubuntu Security Notification for Linux kernel (Azure) Vulnerabilities (USN-5779-1)"},{"cve":"CVE-2022-43945","qid":"199084","title":"Ubuntu Security Notification for Linux kernel (OEM) Vulnerabilities (USN-5789-1)"},{"cve":"CVE-2022-43945","qid":"199105","title":"Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5804-1)"},{"cve":"CVE-2022-43945","qid":"199106","title":"Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5804-2)"},{"cve":"CVE-2022-43945","qid":"199111","title":"Ubuntu Security Notification for Linux kernel (IBM) Vulnerabilities (USN-5808-1)"},{"cve":"CVE-2022-43945","qid":"199121","title":"Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5813-1)"},{"cve":"CVE-2022-43945","qid":"199132","title":"Ubuntu Security Notification for Linux kernel (Raspberry Pi) Vulnerabilities (USN-5829-1)"},{"cve":"CVE-2022-43945","qid":"199137","title":"Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5830-1)"},{"cve":"CVE-2022-43945","qid":"199165","title":"Ubuntu Security Notification for Linux kernel (Dell300x) Vulnerabilities (USN-5861-1)"},{"cve":"CVE-2022-43945","qid":"199180","title":"Ubuntu Security Notification for Linux kernel (GKE) Vulnerabilities (USN-5875-1)"},{"cve":"CVE-2022-43945","qid":"199207","title":"Ubuntu Security Notification for Linux kernel (OEM) Vulnerabilities (USN-5914-1)"},{"cve":"CVE-2022-43945","qid":"199213","title":"Ubuntu Security Notification for Linux kernel (BlueField) Vulnerabilities (USN-5918-1)"},{"cve":"CVE-2022-43945","qid":"199490","title":"Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5802-1)"},{"cve":"CVE-2022-43945","qid":"199519","title":"Ubuntu Security Notification for Linux kernel (Azure) Vulnerabilities (USN-5863-1)"},{"cve":"CVE-2022-43945","qid":"199547","title":"Ubuntu Security Notification for Linux kernel (AWS) Vulnerabilities (USN-5794-1)"},{"cve":"CVE-2022-43945","qid":"241008","title":"Red Hat Update for kernel (RHSA-2022:8973)"},{"cve":"CVE-2022-43945","qid":"241009","title":"Red Hat Update for kernel-rt (RHSA-2022:8974)"},{"cve":"CVE-2022-43945","qid":"241022","title":"Red Hat Update for kpatch-patch (RHSA-2022:9082)"},{"cve":"CVE-2022-43945","qid":"241095","title":"Red Hat Update for kernel (RHSA-2023:0334)"},{"cve":"CVE-2022-43945","qid":"241096","title":"Red Hat Update for kernel-rt (RHSA-2023:0300)"},{"cve":"CVE-2022-43945","qid":"241101","title":"Red Hat Update for kpatch-patch (RHSA-2023:0348)"},{"cve":"CVE-2022-43945","qid":"241202","title":"Red Hat Update for kpatch-patch (RHSA-2023:0839)"},{"cve":"CVE-2022-43945","qid":"241204","title":"Red Hat Update for kernel-rt (RHSA-2023:0854)"},{"cve":"CVE-2022-43945","qid":"241209","title":"Red Hat Update for kernel (RHSA-2023:0832)"},{"cve":"CVE-2022-43945","qid":"355199","title":"Amazon Linux Security Advisory for kernel : ALAS2023-2023-070"},{"cve":"CVE-2022-43945","qid":"753014","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:4505-1)"},{"cve":"CVE-2022-43945","qid":"753015","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 23 for SLE 15 SP3) (SUSE-SU-2022:4544-1)"},{"cve":"CVE-2022-43945","qid":"753016","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 24 for SLE 15 SP2) (SUSE-SU-2022:4587-1)"},{"cve":"CVE-2022-43945","qid":"753017","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 4 for SLE 15 SP4) (SUSE-SU-2022:4560-1)"},{"cve":"CVE-2022-43945","qid":"753018","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 31 for SLE 15) (SUSE-SU-2022:4577-1)"},{"cve":"CVE-2022-43945","qid":"753020","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:4585-1)"},{"cve":"CVE-2022-43945","qid":"753021","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 14 for SLE 15 SP3) (SUSE-SU-2022:4528-1)"},{"cve":"CVE-2022-43945","qid":"753022","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 20 for SLE 15 SP3) (SUSE-SU-2022:4551-1)"},{"cve":"CVE-2022-43945","qid":"753023","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 5 for SLE 15 SP4) (SUSE-SU-2022:4542-1)"},{"cve":"CVE-2022-43945","qid":"753025","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 32 for SLE 15 SP1) (SUSE-SU-2022:4506-1)"},{"cve":"CVE-2022-43945","qid":"753026","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 33 for SLE 15 SP1) (SUSE-SU-2022:4533-1)"},{"cve":"CVE-2022-43945","qid":"753029","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 25 for SLE 15 SP3) (SUSE-SU-2022:4517-1)"},{"cve":"CVE-2022-43945","qid":"753031","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 31 for SLE 15 SP2) (SUSE-SU-2022:4515-1)"},{"cve":"CVE-2022-43945","qid":"753032","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 27 for SLE 15 SP2) (SUSE-SU-2022:4513-1)"},{"cve":"CVE-2022-43945","qid":"753033","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 1 for SLE 15 SP4) (SUSE-SU-2022:4518-1)"},{"cve":"CVE-2022-43945","qid":"753034","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:4504-1)"},{"cve":"CVE-2022-43945","qid":"753035","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 30 for SLE 15 SP2) (SUSE-SU-2022:4534-1)"},{"cve":"CVE-2022-43945","qid":"753036","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 26 for SLE 15) (SUSE-SU-2022:4550-1)"},{"cve":"CVE-2022-43945","qid":"753037","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 26 for SLE 15 SP2) (SUSE-SU-2022:4580-1)"},{"cve":"CVE-2022-43945","qid":"753038","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:4573-1)"},{"cve":"CVE-2022-43945","qid":"753039","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:4574-1)"},{"cve":"CVE-2022-43945","qid":"753040","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 12 for SLE 15 SP3) (SUSE-SU-2022:4562-1)"},{"cve":"CVE-2022-43945","qid":"753041","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 24 for SLE 15 SP3) (SUSE-SU-2022:4516-1)"},{"cve":"CVE-2022-43945","qid":"753042","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 35 for SLE 15 SP1) (SUSE-SU-2022:4539-1)"},{"cve":"CVE-2022-43945","qid":"753043","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 26 for SLE 15 SP3) (SUSE-SU-2022:4572-1)"},{"cve":"CVE-2022-43945","qid":"753044","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 3 for SLE 15 SP4) (SUSE-SU-2022:4559-1)"},{"cve":"CVE-2022-43945","qid":"753045","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:4503-1)"},{"cve":"CVE-2022-43945","qid":"753046","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 30 for SLE 15 SP1) (SUSE-SU-2022:4527-1)"},{"cve":"CVE-2022-43945","qid":"753047","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:4566-1)"},{"cve":"CVE-2022-43945","qid":"753048","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 18 for SLE 15 SP3) (SUSE-SU-2022:4569-1)"},{"cve":"CVE-2022-43945","qid":"753049","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 26 for SLE 12 SP5) (SUSE-SU-2022:4520-1)"},{"cve":"CVE-2022-43945","qid":"753050","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 22 for SLE 15 SP3) (SUSE-SU-2022:4543-1)"},{"cve":"CVE-2022-43945","qid":"753051","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:4589-1)"},{"cve":"CVE-2022-43945","qid":"753060","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:4615-1)"},{"cve":"CVE-2022-43945","qid":"753061","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:4616-1)"},{"cve":"CVE-2022-43945","qid":"753062","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:4613-1)"},{"cve":"CVE-2022-43945","qid":"753063","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:4617-1)"},{"cve":"CVE-2022-43945","qid":"753980","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:2151-1)"},{"cve":"CVE-2022-43945","qid":"753981","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:2146-1)"},{"cve":"CVE-2022-43945","qid":"753982","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:2148-1)"},{"cve":"CVE-2022-43945","qid":"753985","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:2162-1)"},{"cve":"CVE-2022-43945","qid":"754005","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:2163-1)"},{"cve":"CVE-2022-43945","qid":"754023","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:2232-1)"},{"cve":"CVE-2022-43945","qid":"904441","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (11415)"},{"cve":"CVE-2022-43945","qid":"904475","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (11379)"},{"cve":"CVE-2022-43945","qid":"904714","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (11379-1)"},{"cve":"CVE-2022-43945","qid":"904755","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (11415-1)"},{"cve":"CVE-2022-43945","qid":"906209","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (11415-2)"},{"cve":"CVE-2022-43945","qid":"906448","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (11379-2)"},{"cve":"CVE-2022-43945","qid":"940904","title":"AlmaLinux Security Update for kernel (ALSA-2023:0334)"},{"cve":"CVE-2022-43945","qid":"940910","title":"AlmaLinux Security Update for kernel-rt (ALSA-2023:0300)"},{"cve":"CVE-2022-43945","qid":"940926","title":"AlmaLinux Security Update for kernel (ALSA-2023:0832)"},{"cve":"CVE-2022-43945","qid":"940936","title":"AlmaLinux Security Update for kernel-rt (ALSA-2023:0854)"},{"cve":"CVE-2022-43945","qid":"960503","title":"Rocky Linux Security Update for kernel-rt (RLSA-2023:0300)"},{"cve":"CVE-2022-43945","qid":"960587","title":"Rocky Linux Security Update for kernel (RLSA-2023:0334)"},{"cve":"CVE-2022-43945","qid":"960651","title":"Rocky Linux Security Update for kernel (RLSA-2023:0832)"},{"cve":"CVE-2022-43945","qid":"960656","title":"Rocky Linux Security Update for kernel-rt (RLSA-2023:0854)"}]},"source_records":{"cve_program":{"data_type":"CVE","data_format":"MITRE","data_version":"4.0","CVE_data_meta":{"ID":"CVE-2022-43945","ASSIGNER":"disclosure@synopsys.com","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"vendor_name":"linux","product":{"product_data":[{"product_name":"linux_kernel","version":{"version_data":[{"version_value":"< 6.0.2"}]}}]}}]}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-131: Incorrect Calculation of Buffer Size"}]}]},"references":{"reference_data":[{"url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f90497a16e434c2211c66e3de8e77b17868382b8","refsource":"MISC","name":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f90497a16e434c2211c66e3de8e77b17868382b8"},{"refsource":"CONFIRM","name":"https://security.netapp.com/advisory/ntap-20221215-0006/","url":"https://security.netapp.com/advisory/ntap-20221215-0006/"},{"refsource":"MISC","name":"http://packetstormsecurity.com/files/171289/Kernel-Live-Patch-Security-Notice-LNS-0092-1.html","url":"http://packetstormsecurity.com/files/171289/Kernel-Live-Patch-Security-Notice-LNS-0092-1.html"}]},"description":{"description_data":[{"lang":"eng","value":"The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}},"nvd":{"publishedDate":"2022-11-04 19:15:00","lastModifiedDate":"2023-03-08 18:15:00","problem_types":["CWE-770"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"5.19.17","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0","versionEndExcluding":"6.0.2","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*","cpe_name":[]}]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]}]}},"legacy_mitre":{"record":null,"notes":[]}}}