DEBIAN-CVE-2022-48654
- Source
- https://security-tracker.debian.org/tracker/DEBIAN-CVE-2022-48654
- Import Source
- https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2022-48654.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2022-48654
- Upstream
- Published
- 2024-04-28T13:15:07Z
- Modified
- 2025-09-19T07:32:58.061899Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkosf: fix possible bogus match in nfosffind() nfosffind() incorrectly returns true on mismatch, this leads to copying uninitialized memory area in nftosf which can be used to leak stale kernel stack data to userspace.
- References
Affected packages
Debian:11 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.10.148-1
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source