CVE-2022-50235: 
Linux Kernel vulnerability analysis and mitigation

A buffer overflow vulnerability was identified in the Linux kernel's Network File System daemon (NFSD), specifically in the NFSv2 READDIR functionality. The vulnerability (CVE-2022-50235) was disclosed and documented in September 2025. The issue affects the Linux kernel's NFS server implementation and requires restoring previous limits on the @count argument to prevent potential buffer overflow attacks (NVD).

The vulnerability exists in the NFSD component of the Linux kernel, specifically affecting the NFSv2 READDIR operation. The security flaw occurs due to improper bounds checking on the @count argument, which could lead to a buffer overflow condition. The issue was addressed by restoring the previous limit on the @count argument to prevent potential overflow scenarios (NVD).

The vulnerability could potentially allow an attacker to cause a buffer overflow in the NFSv2 READDIR functionality. This could lead to system instability or potential code execution in the context of the kernel. The issue affects systems running the Linux kernel with NFS server functionality enabled (NVD).

The vulnerability has been fixed in various Linux distributions. Ubuntu has released patches for affected versions, with Ubuntu 22.04 LTS (jammy) receiving the fix in version 5.15.0-56.62. Similar fixes have been applied to other versions including Ubuntu 20.04 LTS focal in version 5.15.0-56.62~20.04.1 (Ubuntu).