CVE-2022-48668

In the Linux kernel, the following vulnerability has been resolved: smb3: fix temporary data corruption in collapse range collapse range doesn't discard the affected cached region so can risk temporarily corrupting the file data. This fixes xfstest generic/031 I also decided to merge a minor cleanup to this into the same patch (avoiding rereading inode size repeatedly unnecessarily) to make it clearer.

CVSS v3 3.3 LOW

3.3^/10

CVSS v3 : LOW

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 1.4

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/49523a4732204bdacbf3941a016503ddb4ddb3b9	Patch
https://git.kernel.org/stable/c/fa30a81f255a56cccd89552cd6ce7ea6e8d8acc4	Patch
https://git.kernel.org/stable/c/49523a4732204bdacbf3941a016503ddb4ddb3b9	Patch
https://git.kernel.org/stable/c/fa30a81f255a56cccd89552cd6ce7ea6e8d8acc4	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.0:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.0:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.0:rc3::::::

History

18 Sep 2025, 13:59

Type	Values Removed	Values Added
CPE		cpe:2.3:o:linux:linux_kernel:6.0:rc1:::::: cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.0:rc3:::::: cpe:2.3:o:linux:linux_kernel:6.0:rc2::::::
First Time		Linux linux Kernel Linux
CWE		NVD-CWE-noinfo
References	~~() https://git.kernel.org/stable/c/49523a4732204bdacbf3941a016503ddb4ddb3b9 -~~	() https://git.kernel.org/stable/c/49523a4732204bdacbf3941a016503ddb4ddb3b9 - Patch
References	~~() https://git.kernel.org/stable/c/fa30a81f255a56cccd89552cd6ce7ea6e8d8acc4 -~~	() https://git.kernel.org/stable/c/fa30a81f255a56cccd89552cd6ce7ea6e8d8acc4 - Patch
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 3.3

21 Nov 2024, 07:33

Type	Values Removed	Values Added
References	~~() https://git.kernel.org/stable/c/49523a4732204bdacbf3941a016503ddb4ddb3b9 -~~	() https://git.kernel.org/stable/c/49523a4732204bdacbf3941a016503ddb4ddb3b9 -
References	~~() https://git.kernel.org/stable/c/fa30a81f255a56cccd89552cd6ce7ea6e8d8acc4 -~~	() https://git.kernel.org/stable/c/fa30a81f255a56cccd89552cd6ce7ea6e8d8acc4 -
Summary		(es) En el kernel de Linux, se resolvió la siguiente vulnerabilidad: smb3: corrige la corrupción temporal de datos en el rango de contracción el rango de contracción no descarta la región en caché afectada, por lo que puede correr el riesgo de corromper temporalmente los datos del archivo. Esto corrige xfstest generic/031. También decidí fusionar una limpieza menor en el mismo parche (evitando volver a leer el tamaño del inodo repetidamente innecesariamente) para que quede más claro.

28 Apr 2024, 13:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-04-28 13:15

Updated : 2025-09-19 15:04

NVD link : CVE-2022-48668

Mitre link : CVE-2022-48668

CVE.ORG link : CVE-2022-48668

JSON object : View

Products Affected

linux

linux_kernel

CWE

NVD-CWE-noinfo

3.3 /10