CVE-2022-48667

Summary

In the Linux kernel, the following vulnerability has been resolved:

smb3: fix temporary data corruption in insert range

insert range doesn't discard the affected cached region so can risk temporarily corrupting file data.

Also includes some minor cleanup (avoiding rereading inode size repeatedly unnecessarily) to make it clearer.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux7fe6fe95b936084dce6eedcc2cccadf96eafae73 < 0cdde8460c304283d4ebe3f767a70215d1ab9d4eaffected
LinuxLinux7fe6fe95b936084dce6eedcc2cccadf96eafae73 < 9c8b7a293f50253e694f19161c045817a938e551affected
LinuxLinux5.13affected
LinuxLinux0 < 5.13unaffected
LinuxLinux5.19.12 <= 5.19.*unaffected
LinuxLinux6.0 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References