CVE-2022-48946

Summary

In the Linux kernel, the following vulnerability has been resolved:

udf: Fix preallocation discarding at indirect extent boundary

When preallocation extent is the first one in the extent block, the code would corrupt extent tree header instead. Fix the problem and use udf_delete_aext() for deleting extent to avoid some code duplication.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < c8b6fa4511a7900db9fb0353b630d4d2ed1ba99caffected
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 7665857f88557c372da35534165721156756f77faffected
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 72f651c96c8aadf087fd782d551bf7db648a8c2eaffected
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 4d835efd561dfb9bf5409f11f4ecd428d5d29226affected
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 1a075f4a549481ce6e8518d8379f193ccec6b746affected
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 63dbbd8f1499b0a161e701a04aa50148d60bd1f7affected
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < ae56d9a017724f130cf1a263dd82a78d2a6e3852affected
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 12a88f572d6d94b5c0b72e2d1782cc2e96ac06cfaffected
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < cfe4c1b25dd6d2f056afc00b7c98bcb3dd0b1fc3affected
LinuxLinux2.6.12affected
LinuxLinux0 < 2.6.12unaffected
LinuxLinux4.9.337 <= 4.9.*unaffected
LinuxLinux4.14.303 <= 4.14.*unaffected
LinuxLinux4.19.270 <= 4.19.*unaffected
LinuxLinux5.4.229 <= 5.4.*unaffected
LinuxLinux5.10.161 <= 5.10.*unaffected
LinuxLinux5.15.85 <= 5.15.*unaffected
LinuxLinux6.0.15 <= 6.0.*unaffected
LinuxLinux6.1.1 <= 6.1.*unaffected
LinuxLinux6.2 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References