{"id":"CVE-2022-48829","summary":"NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes\n\niattr::ia_size is a loff_t, so these NFSv3 procedures must be\ncareful to deal with incoming client size values that are larger\nthan s64_max without corrupting the value.\n\nSilently capping the value results in storing a different value\nthan the client passed in which is unexpected behavior, so remove\nthe min_t() check in decode_sattr3().\n\nNote that RFC 1813 permits only the WRITE procedure to return\nNFS3ERR_FBIG. We believe that NFSv3 reference implementations\nalso return NFS3ERR_FBIG when ia_size is too large.","modified":"2026-03-20T12:21:55.850041Z","published":"2024-07-16T11:44:13.313Z","related":["SUSE-SU-2024:2892-1","SUSE-SU-2024:2894-1","SUSE-SU-2024:2901-1","SUSE-SU-2024:2902-1","SUSE-SU-2024:2929-1","SUSE-SU-2024:2939-1","SUSE-SU-2024:2940-1","SUSE-SU-2024:2947-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/48xxx/CVE-2022-48829.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/37f2d2cd8eadddbbd9c7bda327a9393399b2f89b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/72c14aed6838b5d90b4dd926b6a339b34bb02e08"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a231ae6bb50e7c0a9e9efd7b0d10687f1d71b3a3"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a648fdeb7c0e17177a2280344d015dba3fbe3314"},{"type":"WEB","url":"https://git.kernel.org/stable/c/aa9051ddb4b378bd22e72a67bc77b9fc1482c5f0"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/48xxx/CVE-2022-48829.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-48829"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2"},{"fixed":"72c14aed6838b5d90b4dd926b6a339b34bb02e08"},{"fixed":"a231ae6bb50e7c0a9e9efd7b0d10687f1d71b3a3"},{"fixed":"37f2d2cd8eadddbbd9c7bda327a9393399b2f89b"},{"fixed":"aa9051ddb4b378bd22e72a67bc77b9fc1482c5f0"},{"fixed":"a648fdeb7c0e17177a2280344d015dba3fbe3314"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48829.json"}}],"schema_version":"1.7.5"}