CVE-2022-48668

Summary

In the Linux kernel, the following vulnerability has been resolved:

smb3: fix temporary data corruption in collapse range

collapse range doesn't discard the affected cached region so can risk temporarily corrupting the file data. This fixes xfstest generic/031

I also decided to merge a minor cleanup to this into the same patch (avoiding rereading inode size repeatedly unnecessarily) to make it clearer.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux5476b5dd82c8bb9d0dd426f96575ae656cede140 < 49523a4732204bdacbf3941a016503ddb4ddb3b9affected
LinuxLinux5476b5dd82c8bb9d0dd426f96575ae656cede140 < fa30a81f255a56cccd89552cd6ce7ea6e8d8acc4affected
LinuxLinux5.13affected
LinuxLinux0 < 5.13unaffected
LinuxLinux5.19.12 <= 5.19.*unaffected
LinuxLinux6.0 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References