CVE-2022-49280
- Source
- https://cve.org/CVERecord?id=CVE-2022-49280
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49280.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2022-49280
- Downstream
- Related
- Published
- 2025-02-26T01:56:22.662Z
- Modified
- 2026-03-11T03:38:35.945108Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- NFSD: prevent underflow in nfssvc_decode_writeargs()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
NFSD: prevent underflow in nfssvcdecodewriteargs()
Smatch complains:
fs/nfsd/nfsxdr.c:341 nfssvc_decode_writeargs() warn: no lower bound on 'args->len'Change the type to unsigned to prevent this issue.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49280.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/184416d4b98509fb4c3d8fc3d6dc1437896cc159
- https://git.kernel.org/stable/c/2764af8ce0bf03cc43ee4a11897cab96bde6caae
- https://git.kernel.org/stable/c/413d8fefafe531a9442bb623e3fe292a38f88d65
- https://git.kernel.org/stable/c/614a61e1592051cc42d3c38f899c9f7bdaad8a1d
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49280.json
- https://nvd.nist.gov/vuln/detail/CVE-2022-49280
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduceda51b5b737a0be93fae6ea2a18df03ab2359a3f4bFixed614a61e1592051cc42d3c38f899c9f7bdaad8a1dFixed2764af8ce0bf03cc43ee4a11897cab96bde6caaeFixed413d8fefafe531a9442bb623e3fe292a38f88d65Fixed184416d4b98509fb4c3d8fc3d6dc1437896cc159
Affected versions
v5.*
v5.11
v5.11-rc6
v5.11-rc7
v5.12
v5.12-rc1
v5.12-rc1-dontuse
v5.12-rc2
v5.12-rc3
v5.12-rc4
v5.12-rc5
v5.12-rc6
v5.12-rc7
v5.12-rc8
v5.13
v5.13-rc1
v5.13-rc2
v5.13-rc3
v5.13-rc4
v5.13-rc5
v5.13-rc6
v5.13-rc7
v5.14
v5.14-rc1
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.15.1
v5.15.10
v5.15.11
v5.15.12
v5.15.13
v5.15.14
v5.15.15
v5.15.16
v5.15.17
v5.15.18
v5.15.19
v5.15.2
v5.15.20
v5.15.21
v5.15.22
v5.15.23
v5.15.24
v5.15.25
v5.15.26
v5.15.27
v5.15.28
v5.15.29
v5.15.3
v5.15.30
v5.15.31
v5.15.32
v5.15.4
v5.15.5
v5.15.6
v5.15.7
v5.15.8
v5.15.9
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.16.1
v5.16.10
v5.16.11
v5.16.12
v5.16.13
v5.16.14
v5.16.15
v5.16.16
v5.16.17
v5.16.18
v5.16.2
v5.16.3
v5.16.4
v5.16.5
v5.16.6
v5.16.7
v5.16.8
v5.16.9
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.17.1
Database specific
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49280.json"
vanir_signatures
[
{
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2764af8ce0bf03cc43ee4a11897cab96bde6caae",
"id": "CVE-2022-49280-228ac9fc",
"deprecated": false,
"target": {
"function": "nfsd_proc_write",
"file": "fs/nfsd/nfsproc.c"
},
"signature_version": "v1",
"digest": {
"length": 646.0,
"function_hash": "304892727158680843093692453422348924401"
}
},
{
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@614a61e1592051cc42d3c38f899c9f7bdaad8a1d",
"id": "CVE-2022-49280-6fb5ffaf",
"deprecated": false,
"target": {
"function": "nfsd_proc_write",
"file": "fs/nfsd/nfsproc.c"
},
"signature_version": "v1",
"digest": {
"length": 646.0,
"function_hash": "304892727158680843093692453422348924401"
}
},
{
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@614a61e1592051cc42d3c38f899c9f7bdaad8a1d",
"id": "CVE-2022-49280-92d3af5d",
"deprecated": false,
"target": {
"file": "fs/nfsd/nfsproc.c"
},
"signature_version": "v1",
"digest": {
"line_hashes": [
"76787236209842138838784991812755214926",
"220984635008130985809678367838267614256",
"182088510541346572073573731253971053834",
"27033997971400270141415436899154519838"
],
"threshold": 0.9
}
},
{
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2764af8ce0bf03cc43ee4a11897cab96bde6caae",
"id": "CVE-2022-49280-ddca0b79",
"deprecated": false,
"target": {
"file": "fs/nfsd/nfsproc.c"
},
"signature_version": "v1",
"digest": {
"line_hashes": [
"76787236209842138838784991812755214926",
"220984635008130985809678367838267614256",
"182088510541346572073573731253971053834",
"27033997971400270141415436899154519838"
],
"threshold": 0.9
}
},
{
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@614a61e1592051cc42d3c38f899c9f7bdaad8a1d",
"id": "CVE-2022-49280-e00e6ae5",
"deprecated": false,
"target": {
"file": "fs/nfsd/xdr.h"
},
"signature_version": "v1",
"digest": {
"line_hashes": [
"108502037110284336660593669090201640315",
"248322763512690846959080589813869555234",
"170732709219156239845408100319478013753",
"293696096339561709272791694354057429639"
],
"threshold": 0.9
}
},
{
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2764af8ce0bf03cc43ee4a11897cab96bde6caae",
"id": "CVE-2022-49280-f42067a7",
"deprecated": false,
"target": {
"file": "fs/nfsd/xdr.h"
},
"signature_version": "v1",
"digest": {
"line_hashes": [
"108502037110284336660593669090201640315",
"248322763512690846959080589813869555234",
"170732709219156239845408100319478013753",
"293696096339561709272791694354057429639"
],
"threshold": 0.9
}
}
]