Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
vulnrichmentLinuxVULNRICHMENT:CVE-2022-48686
HistoryMay 03, 2024 - 2:59 p.m.

CVE-2022-48686 nvme-tcp: fix UAF when detecting digest errors

2024-05-0314:59:10
Linux
github.com
5
linux kernel
vulnerability resolution
nvme-tcp

AI Score

6.6

Confidence

Low

EPSS

0

Percentile

5.1%

SSVC

Exploitation

none

Automatable

no

Technical Impact

partial

JSON

In the Linux kernel, the following vulnerability has been resolved:

nvme-tcp: fix UAF when detecting digest errors

We should also bail from the io_work loop when we set rd_enabled to true,
so we don’t attempt to read data from the socket when the TCP stream is
already out-of-sync or corrupted.

CNA Affected

[
  {
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "vendor": "Linux",
    "product": "Linux",
    "versions": [
      {
        "status": "affected",
        "version": "3f2304f8c6d6",
        "lessThan": "19816a021468",
        "versionType": "git"
      },
      {
        "status": "affected",
        "version": "3f2304f8c6d6",
        "lessThan": "5914fa32ef1b",
        "versionType": "git"
      },
      {
        "status": "affected",
        "version": "3f2304f8c6d6",
        "lessThan": "13c80a6c1124",
        "versionType": "git"
      },
      {
        "status": "affected",
        "version": "3f2304f8c6d6",
        "lessThan": "c3eb461aa56e",
        "versionType": "git"
      },
      {
        "status": "affected",
        "version": "3f2304f8c6d6",
        "lessThan": "160f3549a907",
        "versionType": "git"
      }
    ],
    "programFiles": [
      "drivers/nvme/host/tcp.c"
    ],
    "defaultStatus": "unaffected"
  },
  {
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "vendor": "Linux",
    "product": "Linux",
    "versions": [
      {
        "status": "affected",
        "version": "5.0"
      },
      {
        "status": "unaffected",
        "version": "0",
        "lessThan": "5.0",
        "versionType": "custom"
      },
      {
        "status": "unaffected",
        "version": "5.4.213",
        "versionType": "custom",
        "lessThanOrEqual": "5.4.*"
      },
      {
        "status": "unaffected",
        "version": "5.10.143",
        "versionType": "custom",
        "lessThanOrEqual": "5.10.*"
      },
      {
        "status": "unaffected",
        "version": "5.15.68",
        "versionType": "custom",
        "lessThanOrEqual": "5.15.*"
      },
      {
        "status": "unaffected",
        "version": "5.19.9",
        "versionType": "custom",
        "lessThanOrEqual": "5.19.*"
      },
      {
        "status": "unaffected",
        "version": "6.0",
        "versionType": "original_commit_for_fix",
        "lessThanOrEqual": "*"
      }
    ],
    "programFiles": [
      "drivers/nvme/host/tcp.c"
    ],
    "defaultStatus": "affected"
  }
]

Related

ubuntucve 1
cvelist 1
debiancve 1
osv 2
cve 1
redhatcve 1
nvd 1
redos 1
nessus 14
openvas 9
ubuntucve
ubuntucve
CVE-2022-48686
2024-05-03 00:00:00
cvelist
cvelist
CVE-2022-48686 nvme-tcp: fix UAF when detecting digest errors
2024-05-03 14:59:10
debiancve
debiancve
CVE-2022-48686
2024-05-03 15:15:07
osv
osv
CVE-2022-48686
2024-05-03 15:15:00
Security update for the Linux Kernel
2024-09-16 08:56:37
cve
cve
CVE-2022-48686
2024-05-03 15:15:07
redhatcve
redhatcve
CVE-2022-48686
2024-05-03 18:54:36
nvd
nvd
CVE-2022-48686
2024-05-03 15:15:07
redos
redos
ROS-20240814-03
2024-08-14 00:00:00
nessus
nessus
Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-036)
2022-10-14 00:00:00
Amazon Linux 2 : kernel (ALASKERNEL-5.10-2022-020)
2022-10-14 00:00:00
Amazon Linux 2 : kernel (ALASKERNEL-5.15-2022-008)
2022-10-14 00:00:00
openvas
openvas
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:1642-1)
2024-05-24 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-1911)
2024-07-16 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-2120)
2024-08-20 00:00:00

AI Score

6.6

Confidence

Low

EPSS

0

Percentile

5.1%

SSVC

Exploitation

none

Automatable

no

Technical Impact

partial

JSON
Related for VULNRICHMENT:CVE-2022-48686
ubuntucve1cvelist1debiancve1osv2cve1redhatcve1nvd1redos1nessus14openvas9