Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2022-48686
PUBLISHED
More InfoOfficial Page
Assigner-Linux
Assigner Org ID-416baaa9-dc9f-4396-8d5f-8c081fb06d67
View Known Exploited Vulnerability (KEV) details
Published At-03 May, 2024 | 14:59
Updated At-04 May, 2025 | 08:21
Rejected At-
▼CVE Numbering Authority (CNA)
nvme-tcp: fix UAF when detecting digest errors

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix UAF when detecting digest errors We should also bail from the io_work loop when we set rd_enabled to true, so we don't attempt to read data from the socket when the TCP stream is already out-of-sync or corrupted.

Affected Products
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • drivers/nvme/host/tcp.c
Default Status
unaffected
Versions
Affected
  • From 3f2304f8c6d6ed97849057bd16fee99e434ca796 before 19816a0214684f70b49b25075ff8c402fdd611d3 (git)
  • From 3f2304f8c6d6ed97849057bd16fee99e434ca796 before 5914fa32ef1b7766fea933f9eed94ac5c00aa7ff (git)
  • From 3f2304f8c6d6ed97849057bd16fee99e434ca796 before 13c80a6c112467bab5e44d090767930555fc17a5 (git)
  • From 3f2304f8c6d6ed97849057bd16fee99e434ca796 before c3eb461aa56e6fa94fb80442ba2586bd223a8886 (git)
  • From 3f2304f8c6d6ed97849057bd16fee99e434ca796 before 160f3549a907a50e51a8518678ba2dcf2541abea (git)
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • drivers/nvme/host/tcp.c
Default Status
affected
Versions
Affected
  • 5.0
Unaffected
  • From 0 before 5.0 (semver)
  • From 5.4.213 through 5.4.* (semver)
  • From 5.10.143 through 5.10.* (semver)
  • From 5.15.68 through 5.15.* (semver)
  • From 5.19.9 through 5.19.* (semver)
  • From 6.0 through * (original_commit_for_fix)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://git.kernel.org/stable/c/19816a0214684f70b49b25075ff8c402fdd611d3
N/A
https://git.kernel.org/stable/c/5914fa32ef1b7766fea933f9eed94ac5c00aa7ff
N/A
https://git.kernel.org/stable/c/13c80a6c112467bab5e44d090767930555fc17a5
N/A
https://git.kernel.org/stable/c/c3eb461aa56e6fa94fb80442ba2586bd223a8886
N/A
https://git.kernel.org/stable/c/160f3549a907a50e51a8518678ba2dcf2541abea
N/A
Hyperlink: https://git.kernel.org/stable/c/19816a0214684f70b49b25075ff8c402fdd611d3
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/5914fa32ef1b7766fea933f9eed94ac5c00aa7ff
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/13c80a6c112467bab5e44d090767930555fc17a5
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/c3eb461aa56e6fa94fb80442ba2586bd223a8886
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/160f3549a907a50e51a8518678ba2dcf2541abea
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-416CWE-416 Use After Free
Type: CWE
CWE ID: CWE-416
Description: CWE-416 Use After Free
Metrics
VersionBase scoreBase severityVector
3.16.2MEDIUM
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 6.2
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://git.kernel.org/stable/c/19816a0214684f70b49b25075ff8c402fdd611d3
x_transferred
https://git.kernel.org/stable/c/5914fa32ef1b7766fea933f9eed94ac5c00aa7ff
x_transferred
https://git.kernel.org/stable/c/13c80a6c112467bab5e44d090767930555fc17a5
x_transferred
https://git.kernel.org/stable/c/c3eb461aa56e6fa94fb80442ba2586bd223a8886
x_transferred
https://git.kernel.org/stable/c/160f3549a907a50e51a8518678ba2dcf2541abea
x_transferred
Hyperlink: https://git.kernel.org/stable/c/19816a0214684f70b49b25075ff8c402fdd611d3
Resource:
x_transferred
Hyperlink: https://git.kernel.org/stable/c/5914fa32ef1b7766fea933f9eed94ac5c00aa7ff
Resource:
x_transferred
Hyperlink: https://git.kernel.org/stable/c/13c80a6c112467bab5e44d090767930555fc17a5
Resource:
x_transferred
Hyperlink: https://git.kernel.org/stable/c/c3eb461aa56e6fa94fb80442ba2586bd223a8886
Resource:
x_transferred
Hyperlink: https://git.kernel.org/stable/c/160f3549a907a50e51a8518678ba2dcf2541abea
Resource:
x_transferred
Details not found