First published: Wed May 31 2023(Updated: )
An issue was discovered in the Linux kernel before 6.2. The ntfs3 subsystem does not properly check for correctness during disk reads, leading to an out-of-bounds read in ntfs_set_ea in fs/ntfs3/xattr.c.
Credit: cve@mitre.org cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Linux Kernel | <6.2 | |
Linux Kernel | >=5.15<5.15.121 | |
Linux Kernel | >=5.16<6.1.40 | |
NetApp H300S Firmware | ||
NetApp H410C Firmware | ||
NetApp H410S Firmware | ||
NetApp H500e Firmware | ||
NetApp H700S | ||
debian/linux | 5.10.223-1 5.10.234-1 6.1.129-1 6.1.128-1 6.12.20-1 6.12.21-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-48502 is classified as a high severity vulnerability due to the potential for out-of-bounds reads.
To fix CVE-2022-48502, upgrade to a patched version of the Linux kernel, specifically versions 5.10.223-1, 5.10.226-1, 6.1.123-1, 6.1.119-1, 6.12.11-1, or 6.12.12-1.
CVE-2022-48502 affects the Linux kernel versions prior to 6.2 and certain NetApp hardware like the H300s, H410c, H410s, H500s, and H700s.
CVE-2022-48502 allows for out-of-bounds reads which could lead to information disclosure or crashes.
CVE-2022-48502 was discovered prior to the release of Linux kernel version 6.2.