CVE-2022-48946

udf: Fix preallocation discarding at indirect extent boundary

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

MITRE

In the Linux kernel, the following vulnerability has been resolved:

udf: Fix preallocation discarding at indirect extent boundary

When preallocation extent is the first one in the extent block, the
code would corrupt extent tree header instead. Fix the problem and use
udf_delete_aext() for deleting extent to avoid some code duplication.

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-08-22 CVE Reserved
2024-10-21 CVE Published
2024-10-26 EPSS Updated
2024-11-04 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (9)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/c8b6fa4511a7900db9fb0353b630d4d2ed1ba99c	2023-01-07
https://git.kernel.org/stable/c/7665857f88557c372da35534165721156756f77f	2023-01-18
https://git.kernel.org/stable/c/72f651c96c8aadf087fd782d551bf7db648a8c2e	2023-01-18
https://git.kernel.org/stable/c/4d835efd561dfb9bf5409f11f4ecd428d5d29226	2023-01-18
https://git.kernel.org/stable/c/1a075f4a549481ce6e8518d8379f193ccec6b746	2022-12-21
https://git.kernel.org/stable/c/63dbbd8f1499b0a161e701a04aa50148d60bd1f7	2022-12-21
https://git.kernel.org/stable/c/ae56d9a017724f130cf1a263dd82a78d2a6e3852	2022-12-21
https://git.kernel.org/stable/c/12a88f572d6d94b5c0b72e2d1782cc2e96ac06cf	2022-12-21
https://git.kernel.org/stable/c/cfe4c1b25dd6d2f056afc00b7c98bcb3dd0b1fc3	2022-12-09

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 4.9.337 Search vendor "Linux" for product "Linux Kernel" and version " < 4.9.337"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 4.14.303 Search vendor "Linux" for product "Linux Kernel" and version " < 4.14.303"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 4.19.270 Search vendor "Linux" for product "Linux Kernel" and version " < 4.19.270"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 5.4.229 Search vendor "Linux" for product "Linux Kernel" and version " < 5.4.229"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 5.10.161 Search vendor "Linux" for product "Linux Kernel" and version " < 5.10.161"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 5.15.85 Search vendor "Linux" for product "Linux Kernel" and version " < 5.15.85"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 6.0.15 Search vendor "Linux" for product "Linux Kernel" and version " < 6.0.15"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 6.1.1 Search vendor "Linux" for product "Linux Kernel" and version " < 6.1.1"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 6.2 Search vendor "Linux" for product "Linux Kernel" and version " < 6.2"		en		Affected