CVE-2022-48667

low-risk

Published 2024-04-28

In the Linux kernel, the following vulnerability has been resolved: smb3: fix temporary data corruption in insert range insert range doesn't discard the affected cached region so can risk temporarily corrupting file data. Also includes some minor cleanup (avoiding rereading inode size repeatedly unnecessarily) to make it clearer.

Do I need to act?

0.01% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 3.3/10 Low

LOCAL / LOW complexity

Affected Products (4)

Linux Kernel

Affected Vendors

Linux

References (4)

Patch https://git.kernel.org/stable/c/0cdde8460c304283d4ebe3f767a70215d1ab9d4e

Patch https://git.kernel.org/stable/c/9c8b7a293f50253e694f19161c045817a938e551

Patch https://git.kernel.org/stable/c/0cdde8460c304283d4ebe3f767a70215d1ab9d4e

Patch https://git.kernel.org/stable/c/9c8b7a293f50253e694f19161c045817a938e551

/ 100

low-risk

Severity 13/34 · Low

Exploitability 0/34 · Minimal

Exposure 10/34 · Low