CVE-2022-48668
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-48668
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48668.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-48668
- Downstream
- Related
- Published
- 2024-04-28T13:01:59Z
- Modified
- 2025-10-15T15:04:06.482201Z
- Summary
- smb3: fix temporary data corruption in collapse range
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
smb3: fix temporary data corruption in collapse range
collapse range doesn't discard the affected cached region so can risk temporarily corrupting the file data. This fixes xfstest generic/031
I also decided to merge a minor cleanup to this into the same patch (avoiding rereading inode size repeatedly unnecessarily) to make it clearer.
- References
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced5476b5dd82c8bb9d0dd426f96575ae656cede140Fixed49523a4732204bdacbf3941a016503ddb4ddb3b9
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced5476b5dd82c8bb9d0dd426f96575ae656cede140Fixedfa30a81f255a56cccd89552cd6ce7ea6e8d8acc4
Affected versions
v5.*
v5.13
v5.13-rc1
v5.13-rc2
v5.13-rc3
v5.13-rc4
v5.13-rc5
v5.13-rc6
v5.13-rc7
v5.14
v5.14-rc1
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8
v5.19.1
v5.19.10
v5.19.11
v5.19.2
v5.19.3
v5.19.4
v5.19.5
v5.19.6
v5.19.7
v5.19.8
v5.19.9
v6.*
v6.0-rc1
v6.0-rc2
v6.0-rc3
Database specific
vanir_signatures
[
{
"id": "CVE-2022-48668-7573914a",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"digest": {
"line_hashes": [
"233508374950371794604598502761802056301",
"36701498151413528730299239170428190771",
"242951875994788746442967085671932328422",
"237735197055195803586787746728413212449",
"314670617884869234527921111934502241054",
"262954052033823818673648362694196442110",
"263696941700155221908039839434033318676",
"338897965704694853215112322765546404039",
"6921623451313008580519712331716150629",
"282853382970010651346721152057258972575",
"228051889002999835792989195852063991614",
"215852887743633997794832008919635039395",
"119933644961457473653974489210804140091",
"8061824531751821571406340179539254556",
"15728890832624906617489705457557505237",
"31073137485563279876196943950147198762",
"162028446919057359827121223912987728944",
"52160556582170609090830226951599484623",
"57039918075920244207794575123398372961",
"44980618367220166718586307536090811268",
"11305921440202410815977735749598920287",
"72522226541740128090847336588456856379",
"277717700495427967530245918777345663625",
"308108800194788881148974785580921995746",
"68805286241702608098640136225606805799",
"56841682804636169950061775649398860527",
"282262931607895174232302350558523573129",
"6557134165398620905530475154698516251",
"67262611568916229182949848671780004665",
"198997886748931971499231892592754940851"
],
"threshold": 0.9
},
"target": {
"file": "fs/cifs/smb2ops.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@fa30a81f255a56cccd89552cd6ce7ea6e8d8acc4"
},
{
"id": "CVE-2022-48668-92bff211",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"function_hash": "166922329429597777349747390575492382628",
"length": 905.0
},
"target": {
"file": "fs/cifs/smb2ops.c",
"function": "smb3_collapse_range"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@fa30a81f255a56cccd89552cd6ce7ea6e8d8acc4"
}
]