An issue was discovered in the Linux kernel before 6.2. The ntfs3 subsystem does not properly check for correctness during disk reads, leading to an out-of-bounds read in ntfs_set_ea in fs/ntfs3/xattr.c.
References
Link | Resource |
---|---|
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2 | Release Notes |
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0e8235d28f3a0e9eda9f02ff67ee566d5f42b66b | Mailing List Patch |
https://security.netapp.com/advisory/ntap-20230703-0004/ | Third Party Advisory VDB Entry |
https://syzkaller.appspot.com/bug?extid=8778f030156c6cd16d72 | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
15 Dec 2023, 15:47
Type | Values Removed | Values Added |
---|---|---|
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20230703-0004/ - Third Party Advisory, VDB Entry | |
CPE | cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:* |
|
First Time |
Netapp
Netapp h410c Netapp h700s Netapp h410s Netapp h300s Netapp h500s |
03 Jul 2023, 16:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
08 Jun 2023, 01:35
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.1 |
CWE | CWE-125 | |
References | (MISC) https://syzkaller.appspot.com/bug?extid=8778f030156c6cd16d72 - Exploit, Third Party Advisory | |
References | (MISC) https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2 - Release Notes | |
References | (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0e8235d28f3a0e9eda9f02ff67ee566d5f42b66b - Mailing List, Patch | |
First Time |
Linux
Linux linux Kernel |
31 May 2023, 20:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-05-31 20:15
Updated : 2024-02-28 20:13
NVD link : CVE-2022-48502
Mitre link : CVE-2022-48502
CVE.ORG link : CVE-2022-48502
JSON object : View
Products Affected
linux
- linux_kernel
netapp
- h500s
- h410c
- h410s
- h300s
- h700s
CWE
CWE-125
Out-of-bounds Read