CVE-2022-48668

low-risk
Published 2024-04-28

In the Linux kernel, the following vulnerability has been resolved: smb3: fix temporary data corruption in collapse range collapse range doesn't discard the affected cached region so can risk temporarily corrupting the file data. This fixes xfstest generic/031 I also decided to merge a minor cleanup to this into the same patch (avoiding rereading inode size repeatedly unnecessarily) to make it clearer.

Do I need to act?

-
0.01% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
3
CVSS 3.3/10 Low
LOCAL / LOW complexity

Affected Products (4)

Affected Vendors

Linux

References (4)

Patch https://git.kernel.org/stable/c/49523a4732204bdacbf3941a016503ddb4ddb3b9
Patch https://git.kernel.org/stable/c/fa30a81f255a56cccd89552cd6ce7ea6e8d8acc4
Patch https://git.kernel.org/stable/c/49523a4732204bdacbf3941a016503ddb4ddb3b9
Patch https://git.kernel.org/stable/c/fa30a81f255a56cccd89552cd6ce7ea6e8d8acc4
23
/ 100
low-risk
Severity 13/34 · Low
Exploitability 0/34 · Minimal
Exposure 10/34 · Low