CVE-2022-50410

Updated: 2025-12-14 02:50:35.385484

Description:

In the Linux kernel, the following vulnerability has been resolved:

NFSD: Protect against send buffer overflow in NFSv2 READ

Since before the git era, NFSD has conserved the number of pages held by each nfsd thread by combining the RPC receive and send buffers into a single array of pages. This works because there are no cases where an operation needs a large RPC Call message and a large RPC Reply at the same time.

Once an RPC Call has been received, svc_process() updates svc_rqst::rq_res to describe the part of rq_pages that can be used for constructing the Reply. This means that the send buffer (rq_res) shrinks when the received RPC record containing the RPC Call is large.

A client can force this shrinkage on TCP by sending a correctly-formed RPC Call header contained in an RPC record that is excessively large. The full maximum payload size cannot be constructed in that case.
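The buffer accounting described above, as a simplified user-space model added here for illustration; it is not kernel code and not taken from the patch. The struct, function names, page count and sizes are hypothetical, and the clamped variant is an assumed way to bound the READ, since the page does not show the fix itself.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed model values, not the kernel's: 4 KiB pages, 4 pages per thread. */
#define PAGE_SZ   4096u
#define RQ_PAGES  4u
#define MAX_READ  8192u   /* largest READ payload the model's protocol allows */

/* Simplified stand-in for the per-request state (hypothetical struct). */
struct rqst_model {
    uint32_t res_buflen;  /* bytes of the shared page array left for the Reply */
};

/* Receiving a record consumes whole pages; the Reply gets what is left. */
static void model_receive(struct rqst_model *rq, uint32_t record_len)
{
    uint32_t used = record_len / PAGE_SZ + (record_len % PAGE_SZ != 0);
    if (used > RQ_PAGES)
        used = RQ_PAGES;
    rq->res_buflen = (RQ_PAGES - used) * PAGE_SZ;
}

/* Before: the requested count is bounded only by the protocol maximum. */
static uint32_t read_len_unchecked(uint32_t count)
{
    return count < MAX_READ ? count : MAX_READ;
}

/* After: the count is also bounded by the space the Reply really has. */
static uint32_t read_len_clamped(const struct rqst_model *rq, uint32_t count)
{
    uint32_t n = read_len_unchecked(count);
    return n < rq->res_buflen ? n : rq->res_buflen;
}

/* True when a payload of this size would run past the send buffer. */
static int overflows(const struct rqst_model *rq, uint32_t payload)
{
    return payload > rq->res_buflen;
}

int main(void)
{
    struct rqst_model rq;
    uint32_t sizes[] = { 200u, 12000u };  /* constructed record lengths */
    for (int i = 0; i < 2; i++) {
        model_receive(&rq, sizes[i]);
        printf("record=%u send_buf=%u unchecked_overflows=%d clamped=%u\n",
               (unsigned)sizes[i], (unsigned)rq.res_buflen,
               overflows(&rq, read_len_unchecked(8192u)),
               (unsigned)read_len_clamped(&rq, 8192u));
    }
    return 0;
}
```

The model ignores Reply header bytes, so it only shows the payload bound against the remaining pages.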


Links: NIST, CIRCL, RHEL, Ubuntu

Severity

| CVSS version | Severity | Score |
|---|---|---|
| CVSS Version 2.x | | 0.0 |
| CVSS Version 3.x | HIGH | 7.8 |

Status

| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| CentOS 6 ELS | kernel | 2.6.32 | 7.8 | HIGH | In Testing | | 2026-01-06 16:06:06 | |
| CentOS 7 ELS | kernel | 3.10.0 | 7.8 | HIGH | In Testing | | 2026-01-06 16:02:42 | |
| CentOS 8.4 ELS | kernel | 4.18.0 | 7.8 | HIGH | In Progress | | 2025-11-20 12:15:28 | |
| CentOS 8.5 ELS | kernel | 4.18.0 | 7.8 | HIGH | Needs Triage | | 2025-09-24 06:09:39 | |
| CloudLinux 7 ELS | kernel | 3.10.0 | 7.8 | HIGH | Ignored | | 2025-12-27 04:44:08 | CloudLinux 6 and 7 support is limited and provided on demand. We strongly recommend upgrading to Clo... |
| Oracle Linux 6 ELS | kernel | 2.6.32 | 7.8 | HIGH | Needs Triage | | 2025-12-14 08:33:12 | |
| Oracle Linux 7 ELS | kernel | 3.10.0 | 7.8 | HIGH | Released | CLSA-2026:1767867153 | 2026-01-08 16:44:57 | |
| Oracle Linux 7 ELS | kernel-uek | 5.4.17 | 7.8 | HIGH | Needs Triage | | 2025-12-22 22:34:19 | |
| RHEL 7 ELS | kernel | 3.10.0 | 7.8 | HIGH | Released | CLSA-2026:1767867718 | 2026-01-08 16:44:56 | |
| Ubuntu 16.04 ELS | linux-hwe | 4.15.0 | 7.8 | HIGH | Needs Triage | | 2025-12-14 07:42:47 | |
Total: 11