// For flags

CVE-2022-0850

kernel: information leak in copy_page_to_iter() in iov_iter.c

Severity Score

7.1
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

2
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

A vulnerability was found in linux kernel, where an information leak occurs via ext4_extent_header to userspace.

Se encontró una vulnerabilidad en el kernel de linux, donde es producido un filtrado de información por medio de la función ext4_extent_header al espacio de usuario

An information leak flaw was found via ext4_extent_header in fs/ext4/extents.c in the Linux kernel. This flaw could allow a local attacker to cause a denial of service.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
High
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2022-03-04 CVE Reserved
  • 2022-08-29 CVE Published
  • 2024-04-19 EPSS Updated
  • 2024-08-02 CVE Updated
  • 2024-08-02 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
< 4.4.276
Search vendor "Linux" for product "Linux Kernel" and version " < 4.4.276"
-
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 4.5 < 4.9.276
Search vendor "Linux" for product "Linux Kernel" and version " >= 4.5 < 4.9.276"
-
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 4.10 < 4.14.240
Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 4.14.240"
-
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 4.15 < 4.19.198
Search vendor "Linux" for product "Linux Kernel" and version " >= 4.15 < 4.19.198"
-
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 4.20 < 5.4.132
Search vendor "Linux" for product "Linux Kernel" and version " >= 4.20 < 5.4.132"
-
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 5.5.0 < 5.10.50
Search vendor "Linux" for product "Linux Kernel" and version " >= 5.5.0 < 5.10.50"
-
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 5.11 < 5.12.17
Search vendor "Linux" for product "Linux Kernel" and version " >= 5.11 < 5.12.17"
-
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 5.13 < 5.13.2
Search vendor "Linux" for product "Linux Kernel" and version " >= 5.13 < 5.13.2"
-
Affected