Vulnerability Details : CVE-2022-48712
In the Linux kernel, the following vulnerability has been resolved:
ext4: fix error handling in ext4_fc_record_modified_inode()
Current code does not fully takes care of krealloc() error case, which
could lead to silent memory corruption or a kernel bug. This patch
fixes that.
Also it cleans up some duplicated error handling logic from various
functions in fast_commit.c file.
Vulnerability category: Memory Corruption
Products affected by CVE-2022-48712
Please log in to view affected product information.
Exploit prediction scoring system (EPSS) score for CVE-2022-48712
0.08%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 24 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2022-48712
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
5.5
|
MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
N/A
|
N/A
|
RedHat-CVE-2022-48712 | 2024-06-20 |
References for CVE-2022-48712
-
https://git.kernel.org/stable/c/62e46e0ffc02daa8fcfc02f7a932cc8a19601b19
ext4: fix error handling in ext4_fc_record_modified_inode() - kernel/git/stable/linux.git - Linux kernel stable tree
-
https://git.kernel.org/stable/c/14aa3f49c7fc6424763f4323bfbc3a807b0727dc
ext4: fix error handling in ext4_fc_record_modified_inode() - kernel/git/stable/linux.git - Linux kernel stable tree
-
https://git.kernel.org/stable/c/1b6762ecdf3cf12113772427c904aa3c420a1802
ext4: fix error handling in ext4_fc_record_modified_inode() - kernel/git/stable/linux.git - Linux kernel stable tree
-
https://git.kernel.org/stable/c/cdce59a1549190b66f8e3fe465c2b2f714b98a94
ext4: fix error handling in ext4_fc_record_modified_inode() - kernel/git/stable/linux.git - Linux kernel stable tree
Jump to