Linux Kernel NFSD Buffer Overflow Vulnerability in NFSv2 READDIR

Vulnerability

A buffer overflow vulnerability has been identified in the Linux kernel's NFSv2 READDIR implementation within the NFSD component. The issue arises from improper handling of the 'count' argument, which can lead to a send buffer overflow. The vulnerability is present in several versions of the Linux kernel.

Impact

Exploitation of this vulnerability overflows the server's send buffer, which may be exploited to execute arbitrary code or cause a denial-of-service condition.

Reproduction

The vulnerability can be reproduced by sending a crafted NFSv2 READDIR request that exceeds the maximum payload size, causing the server to overflow its buffer. This can be done by manipulating the 'count' argument in the request to a value that exceeds the allocated buffer size.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been patched. Instructions for upgrading the Linux kernel can be found in the official Linux documentation.
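To illustrate the class of check that addresses the flaw described under Vulnerability, the following added example (not the kernel's NFSD code and not the actual patch) models a READDIR-style reply encoder in user-space C that clamps the client-supplied 'count' to the send buffer's capacity before writing entries. The buffer sizes, function names and directory names are constructed assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define SEND_BUF_SIZE  64u  /* constructed: size of the server's reply buffer */
#define REPLY_HDR_SIZE 8u   /* constructed: bytes reserved for the reply header */

/* The client's 'count' is a request, not a fact about our buffer: clamp it. */
static uint32_t readdir_budget(uint32_t client_count)
{
    uint32_t cap = SEND_BUF_SIZE - REPLY_HDR_SIZE;
    return client_count < cap ? client_count : cap;
}

/* Append length-prefixed names while they fit; returns bytes written. */
static size_t encode_entries(uint8_t *buf, uint32_t client_count,
                             const char *const *names, size_t n, int *truncated)
{
    uint32_t budget = readdir_budget(client_count);
    size_t off = 0;
    *truncated = 0;
    for (size_t i = 0; i < n; i++) {
        size_t len = strlen(names[i]);
        if (len > 255 || off + 1 + len > budget) {
            *truncated = 1;   /* entries left out: reply stays in bounds */
            break;
        }
        buf[off++] = (uint8_t)len;
        memcpy(buf + off, names[i], len);
        off += len;
    }
    return off;
}

/* Constructed directory listing encoded into a fixed-size send buffer. */
static size_t demo(uint32_t client_count, int *truncated)
{
    static const char *const names[] = {
        "alpha", "bravo-longer-name", "charlie", "delta-entry",
        "echo", "foxtrot-file", "golf", "hotel-directory" };
    uint8_t send_buf[SEND_BUF_SIZE];
    return encode_entries(send_buf + REPLY_HDR_SIZE, client_count, names,
                          sizeof names / sizeof names[0], truncated);
}

int main(void)
{
    int t;
    size_t n = demo(UINT32_MAX, &t);
    return printf("count=UINT32_MAX -> %zu bytes, truncated=%d\n", n, t) < 0;
}
```

Whatever value the peer supplies, the number of bytes written never exceeds the space left after the reply header, and the truncation flag tells the caller that the listing was cut short.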

Added: Sep 15, 2025, 9:50 PM
Updated: Sep 15, 2025, 9:50 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 2.5
exploitability: 4.3
remediation: 7.7
relevance: 0.5
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.