[UBUNTU B,F 0/1] CVE-2022-43945
Thadeu Lima de Souza Cascardo
cascardo at canonical.com
Wed Dec 14 16:37:19 UTC 2022
[Impact]
A remote user may cause an out-of-bounds access on an NFS server.
The other fixes for this vulnerability were either:
1) not applicable, since they were fixing newer commits not present
on 5.4 or 4.15.
2) only affected NFSv2 or NFSv3, but those were mitigated by function
nfs_request_too_big, which was removed around 5.8.
[Testing]
A smoke test was done by mounting a localhost NFS server using -o nfsvers=4.
A PoC was built but did not manage to trigger any oops.
[Potential regression]
NFS servers might break.
Chuck Lever (1):
NFSD: Cap rsize_bop result based on send buffer size
fs/nfsd/nfs4proc.c | 35 +++++++++++++++++++++--------------
1 file changed, 21 insertions(+), 14 deletions(-)
--
2.34.1