Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2022-48747

Опубликовано: 20 июн. 2024
Источник: redhat
CVSS3: 4.4
EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved: block: Fix wrong offset in bio_truncate() bio_truncate() clears the buffer outside of last block of bdev, however current bio_truncate() is using the wrong offset of page. So it can return the uninitialized data. This happened when both of truncated/corrupted FS and userspace (via bdev) are trying to read the last of bdev.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 7kernel-rtNot affected
Red Hat Enterprise Linux 9kernelNot affected
Red Hat Enterprise Linux 9kernel-rtNot affected
Red Hat Enterprise Linux 8kernel-rtFixedRHSA-2024:510208.08.2024
Red Hat Enterprise Linux 8kernelFixedRHSA-2024:510108.08.2024

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-99
https://bugzilla.redhat.com/show_bug.cgi?id=2293312kernel: block: Fix wrong offset in bio_truncate()

EPSS

Процентиль: 38%
0.00162
Низкий

4.4 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2022-48747

CVSS3: 7.5
ubuntu
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: block: Fix wrong offset in bio_truncate() bio_truncate() clears the buffer outside of last block of bdev, however current bio_truncate() is using the wrong offset of page. So it can return the uninitialized data. This happened when both of truncated/corrupted FS and userspace (via bdev) are trying to read the last of bdev.

nvd логотип

CVE-2022-48747

CVSS3: 7.5
nvd
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: block: Fix wrong offset in bio_truncate() bio_truncate() clears the buffer outside of last block of bdev, however current bio_truncate() is using the wrong offset of page. So it can return the uninitialized data. This happened when both of truncated/corrupted FS and userspace (via bdev) are trying to read the last of bdev.

debian логотип

CVE-2022-48747

CVSS3: 7.5
debian
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: b ...

github логотип

GHSA-qpxp-m569-qp25

CVSS3: 7.5
github
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: block: Fix wrong offset in bio_truncate() bio_truncate() clears the buffer outside of last block of bdev, however current bio_truncate() is using the wrong offset of page. So it can return the uninitialized data. This happened when both of truncated/corrupted FS and userspace (via bdev) are trying to read the last of bdev.

fstec логотип

BDU:2024-10945

CVSS3: 5.5
fstec
около 1 года назад

Уязвимость компонента block ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 38%
0.00162
Низкий

4.4 Medium

CVSS3