CVE-2022-48747

June 20, 2024, 12:43 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: block: Fix wrong offset in bio_truncate() bio_truncate() clears the buffer outside of last block of bdev, however current bio_truncate() is using the wrong offset of page. So it can return the uninitialized data. This happened when both of truncated/corrupted FS and userspace (via bdev) are trying to read the last of bdev.

Product(s) Impacted

Product Versions
Linux Kernel

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/3ee859e384d453d6ac68bfd5971f630d9fa46ad3
https://git.kernel.org/stable/c/4633a79ff8bc82770486a063a08b55e5162521d8
https://git.kernel.org/stable/c/6cbf4c731d7812518cd857c2cfc3da9fd120f6ae
https://git.kernel.org/stable/c/941d5180c430ce5b0f7a3622ef9b76077bfa3d82
https://git.kernel.org/stable/c/b63e120189fd92aff00096d11e2fc5253f60248b

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2024-06-20
CVE-2022-48747

Timeline

Published: June 20, 2024, 12:15 p.m.
Last Modified: June 20, 2024, 12:43 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.