CVE-2022-43945: The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow.
The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Security readout for executives and security teams
CVE-2022-43945 is a Linux kernel NFSD buffer overflow that can crash or disrupt systems providing NFS service. Business impact is availability, not documented data theft. Systems are mainly exposed when NFS/NFSD is enabled and reachable over the network. Linux servers, storage platforms, or appliances running vulnerable kernels with NFSD/NFS server functionality enabled and reachable are the primary concern. General Linux endpoints without NFSD exposure are less likely to be affected. Prioritize internet- or partner-reachable NFS services and storage appliances. Treat this as a high availability risk that should be patched through normal emergency or accelerated maintenance processes. Mitigation focus: Upgrade Linux kernels to versions containing the NFSD fix.; Apply vendor updates or live patches for affected appliances.; Restrict NFS/RPC access to trusted networks only..
Prepared
Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.
Potential ATT&CK relevance
Conservative CVE-to-ATT&CK context
These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.
ATT&CK lookup starting points
Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.
cwe · low confidence lookup
CWE-131: Exact CWE lookup
Use the exact CWE identifier as the starting point before reviewing related ATT&CK behavior. Open the exact CWE lookup page first, then review the ATT&CK searches from that MITRE weakness context. This is a Glexia lookup hint, not an official ATT&CK mapping.
These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.
We collect every scored CVSS vector available in the official CNA and ADP containers. When more than one version is present, the table keeps the source vectors side by side instead of collapsing them into the highest score.
CWE links open Glexia weakness intelligence pages with official CWE context, developer remediation guidance, and related CVE mappings.
CWE-131 · source CWE mapping
Incorrect Calculation of Buffer Size
Incorrect Calculation of Buffer Size represents a recurring weakness pattern that can create exploitable paths when design, validation, or implementation controls are missing.