CVE-2022-48946

In the Linux kernel, the following vulnerability has been resolved:

udf: Fix preallocation discarding at indirect extent boundary

When preallocation extent is the first one in the extent block, the
code would corrupt extent tree header instead. Fix the problem and use
udf_delete_aext() for deleting extent to avoid some code duplication.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
LinuxCNA
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 12%
VendorProductVersion
linuxlinux_kernel
𝑥
< 4.9.337
linuxlinux_kernel
4.10 ≤
𝑥
< 4.14.303
linuxlinux_kernel
4.15 ≤
𝑥
< 4.19.270
linuxlinux_kernel
4.20 ≤
𝑥
< 5.4.229
linuxlinux_kernel
5.5 ≤
𝑥
< 5.10.161
linuxlinux_kernel
5.11 ≤
𝑥
< 5.15.85
linuxlinux_kernel
5.16 ≤
𝑥
< 6.0.15
linuxlinux_kernel
6.1
linuxlinux_kernel
6.1.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.226-1
fixed
bookworm
6.1.106-3
fixed
bookworm (security)
6.1.112-1
fixed
trixie
6.11.5-1
fixed
sid
6.11.6-1
fixed
References
https://git.kernel.org/stable/c/12a88f572d6d94b5c0b72e2d1782cc2e96ac06cf
https://git.kernel.org/stable/c/1a075f4a549481ce6e8518d8379f193ccec6b746
https://git.kernel.org/stable/c/4d835efd561dfb9bf5409f11f4ecd428d5d29226
https://git.kernel.org/stable/c/63dbbd8f1499b0a161e701a04aa50148d60bd1f7
https://git.kernel.org/stable/c/72f651c96c8aadf087fd782d551bf7db648a8c2e
https://git.kernel.org/stable/c/7665857f88557c372da35534165721156756f77f
https://git.kernel.org/stable/c/ae56d9a017724f130cf1a263dd82a78d2a6e3852
https://git.kernel.org/stable/c/c8b6fa4511a7900db9fb0353b630d4d2ed1ba99c
https://git.kernel.org/stable/c/cfe4c1b25dd6d2f056afc00b7c98bcb3dd0b1fc3