CVE-2022-4842

2023-01-1200:00:00

ubuntu.com

cve-2022-4842

null pointer dereference

linux kernel

ntfs3 driver

attr_punch_hole()

bugzilla

red hat

local user

system crash

unix

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

0.0004 Low

EPSS

Percentile

5.1%

JSON

A flaw NULL Pointer Dereference in the Linux kernel NTFS3 driver function
attr_punch_hole() was found. A local user could use this flaw to crash the
system.

Bugs

<https://bugzilla.redhat.com/show_bug.cgi?id=2156927>

OSVersionArchitecturePackageVersionFilename
ubuntu22.04noarchlinux< 5.15.0-70.77UNKNOWN
ubuntu22.10noarchlinux< 5.19.0-42.43UNKNOWN
ubuntu22.04noarchlinux-allwinner-5.19< 5.19.0-1012.12~22.04.1UNKNOWN
ubuntu22.04noarchlinux-aws< 5.15.0-1034.38UNKNOWN
ubuntu22.10noarchlinux-aws< 5.19.0-1025.26UNKNOWN
ubuntu20.04noarchlinux-aws-5.15< 5.15.0-1034.38~20.04.1UNKNOWN
ubuntu22.04noarchlinux-azure< 5.15.0-1036.43UNKNOWN
ubuntu22.10noarchlinux-azure< 5.19.0-1026.29UNKNOWN
ubuntu20.04noarchlinux-azure-5.15< 5.15.0-1036.43~20.04.1UNKNOWN
ubuntu22.04noarchlinux-azure-5.19< 5.19.0-1026.29~22.04.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	22.04	noarch	linux	< 5.15.0-70.77	UNKNOWN
ubuntu	22.10	noarch	linux	< 5.19.0-42.43	UNKNOWN
ubuntu	22.04	noarch	linux-allwinner-5.19	< 5.19.0-1012.12~22.04.1	UNKNOWN
ubuntu	22.04	noarch	linux-aws	< 5.15.0-1034.38	UNKNOWN
ubuntu	22.10	noarch	linux-aws	< 5.19.0-1025.26	UNKNOWN
ubuntu	20.04	noarch	linux-aws-5.15	< 5.15.0-1034.38~20.04.1	UNKNOWN
ubuntu	22.04	noarch	linux-azure	< 5.15.0-1036.43	UNKNOWN
ubuntu	22.10	noarch	linux-azure	< 5.19.0-1026.29	UNKNOWN
ubuntu	20.04	noarch	linux-azure-5.15	< 5.15.0-1036.43~20.04.1	UNKNOWN
ubuntu	22.04	noarch	linux-azure-5.19	< 5.19.0-1026.29~22.04.1	UNKNOWN