PatchSiren

PatchSiren cyber security CVE debrief

CVE-2022-48828 Linux CVE debrief

CVE-2022-48828 is a Linux kernel NFSD bug where an NFS file-size value can be copied into a signed 64-bit iattr::ia_size field without first checking whether the unsigned value exceeds S64_MAX. The result is an underflow in nfsd_setattr(), with availability impact only per the CVSS vector. The NVD record and linked kernel patches describe the issue as fixed in the common setattr path used by NFSv3 and NFSv4 handling.

Vendor
Linux
Product
CVE-2022-48828
CVSS
MEDIUM 5.5
CISA KEV
Not listed in stored evidence
Original CVE published
2024-07-16
Original CVE updated
2026-05-12
Advisory published
2024-07-16
Advisory updated
2026-05-12

Who should care

Linux kernel maintainers, distro security teams, and administrators running kernel NFS server services (NFSD) on affected releases should care most. This is especially relevant for systems that rely on NFSv3 or NFSv4 attribute handling and need to keep kernel packages current.

Technical summary

The Linux kernel uses loff_t for iattr::ia_size, which is a signed 64-bit type, while NFSv3 and NFSv4 file sizes are defined as unsigned 64-bit values. According to the source description, decode_fattr4() can place a full u64 into ia_size, and if the value is larger than S64_MAX, the signed field underflows. The fix catches this condition in nfsd_setattr(), the shared code path for the NFS server attribute update logic. NVD classifies the weakness as CWE-191 and rates the issue CVSS 3.1 5.5 MEDIUM (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Defensive priority

Medium. Prioritize through normal kernel patch management, and elevate sooner on hosts that run NFSD or otherwise depend on NFS server functionality for production workloads.

Recommended defensive actions

  • Apply kernel updates that include the referenced NFSD ia_size underflow fix.
  • Check whether running kernels fall within the vulnerable NVD CPE ranges: before 5.4.295, 5.5 through before 5.10.220, 5.11 through before 5.15.24, 5.16 through before 5.16.10, and 5.17-rc1 through rc3.
  • Schedule maintenance for Linux systems providing NFS server services, especially those using NFSv3 or NFSv4.
  • Use the linked kernel patch references to confirm your downstream distribution has incorporated the fix.
  • Continue routine monitoring of NFS server behavior and kernel logs while remediation is in progress.

Evidence notes

This debrief is based only on the supplied NVD record, its CVSS and CPE data, and the referenced kernel patch links. The source description explicitly states that a u64 file-size value can underflow signed iattr::ia_size and that the fix belongs in nfsd_setattr(). The NVD record identifies CWE-191 and provides the availability-focused CVSS vector. No exploit details or unsupported impact claims are included.

Official resources

The CVE was published in the supplied record on 2024-07-16. The NVD record was later modified on 2026-05-12. The issue is described as resolved by Linux kernel patches linked from the official vulnerability record.