Linux Kernel NFSD Underflow Vulnerability in Write Arguments Decoder

Vulnerability

A vulnerability in the Linux kernel's NFS server component (NFSD) has been addressed. The issue was an underflow in the function 'nfssvc_decode_writeargs()', which could potentially lead to unexpected behavior. The vulnerability arose because the 'len' parameter in the 'args' structure did not have a defined lower bound, allowing for the possibility of an underflow. This issue has been resolved by changing the parameter type to unsigned, eliminating the risk.

Impact

Exploitation of this vulnerability could lead to an underflow, potentially causing memory corruption or other unintended behaviors in the NFS server.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel NFSD Underflow Vulnerability in Write Arguments Decoder

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating