CVE-2022-48667

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-48667
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48667.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-48667
Downstream
Related
Published
2024-04-28T13:01:54Z
Modified
2025-10-08T05:44:58.308554Z
Summary
smb3: fix temporary data corruption in insert range
Details

In the Linux kernel, the following vulnerability has been resolved:

smb3: fix temporary data corruption in insert range

insert range doesn't discard the affected cached region so can risk temporarily corrupting file data.

Also includes some minor cleanup (avoiding rereading inode size repeatedly unnecessarily) to make it clearer.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
7fe6fe95b936084dce6eedcc2cccadf96eafae73
Fixed
0cdde8460c304283d4ebe3f767a70215d1ab9d4e
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
7fe6fe95b936084dce6eedcc2cccadf96eafae73
Fixed
9c8b7a293f50253e694f19161c045817a938e551

Affected versions

v5.*

v5.13
v5.13-rc1
v5.13-rc2
v5.13-rc3
v5.13-rc4
v5.13-rc5
v5.13-rc6
v5.13-rc7
v5.14
v5.14-rc1
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8
v5.19.1
v5.19.10
v5.19.11
v5.19.2
v5.19.3
v5.19.4
v5.19.5
v5.19.6
v5.19.7
v5.19.8
v5.19.9

v6.*

v6.0-rc1
v6.0-rc2
v6.0-rc3

Database specific 

{
    "vanir_signatures": [
        {
            "deprecated": false,
            "id": "CVE-2022-48667-873029db",
            "digest": {
                "function_hash": "304932979275267672075697687826264162003",
                "length": 774.0
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9c8b7a293f50253e694f19161c045817a938e551",
            "target": {
                "file": "fs/cifs/smb2ops.c",
                "function": "smb3_insert_range"
            },
            "signature_type": "Function",
            "signature_version": "v1"
        },
        {
            "deprecated": false,
            "id": "CVE-2022-48667-a206bc16",
            "digest": {
                "function_hash": "304932979275267672075697687826264162003",
                "length": 774.0
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0cdde8460c304283d4ebe3f767a70215d1ab9d4e",
            "target": {
                "file": "fs/cifs/smb2ops.c",
                "function": "smb3_insert_range"
            },
            "signature_type": "Function",
            "signature_version": "v1"
        },
        {
            "deprecated": false,
            "id": "CVE-2022-48667-a53f8cae",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "202903354459599668584634694003882400664",
                    "31362929602176450252569370288921810537",
                    "139772346933665799708163575816722286678",
                    "205391699558051725509135807893630909074",
                    "340064843063894964156425554936566354828",
                    "156680472605524305378900280601745238970",
                    "198620594376575784360714854231698690004",
                    "195980402926947105655789570777166810659",
                    "190156991898881658408706377449942098160",
                    "217675955560314923539853247978867472814",
                    "28114939326362200055148176733812060807",
                    "239626636614327208746977639019593250783",
                    "72522226541740128090847336588456856379",
                    "338320611985168639384952077696678194938",
                    "262374911260554057065910236200852471711",
                    "183725015610649821681026762515787716417",
                    "84755923810134993422630044988778012044",
                    "287687250097544941104983474909313174797",
                    "66788020703955313854756576544184043442",
                    "113750171457054476305438157994528503633",
                    "93301576873741271985930266060525533472",
                    "334164146722895361476063165094827018551",
                    "153602466811588606379608725416874368835",
                    "198997886748931971499231892592754940851"
                ]
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9c8b7a293f50253e694f19161c045817a938e551",
            "target": {
                "file": "fs/cifs/smb2ops.c"
            },
            "signature_type": "Line",
            "signature_version": "v1"
        },
        {
            "deprecated": false,
            "id": "CVE-2022-48667-ff167d51",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "202903354459599668584634694003882400664",
                    "31362929602176450252569370288921810537",
                    "139772346933665799708163575816722286678",
                    "205391699558051725509135807893630909074",
                    "340064843063894964156425554936566354828",
                    "156680472605524305378900280601745238970",
                    "198620594376575784360714854231698690004",
                    "195980402926947105655789570777166810659",
                    "190156991898881658408706377449942098160",
                    "217675955560314923539853247978867472814",
                    "28114939326362200055148176733812060807",
                    "239626636614327208746977639019593250783",
                    "72522226541740128090847336588456856379",
                    "338320611985168639384952077696678194938",
                    "262374911260554057065910236200852471711",
                    "183725015610649821681026762515787716417",
                    "84755923810134993422630044988778012044",
                    "287687250097544941104983474909313174797",
                    "66788020703955313854756576544184043442",
                    "113750171457054476305438157994528503633",
                    "93301576873741271985930266060525533472",
                    "334164146722895361476063165094827018551",
                    "153602466811588606379608725416874368835",
                    "198997886748931971499231892592754940851"
                ]
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0cdde8460c304283d4ebe3f767a70215d1ab9d4e",
            "target": {
                "file": "fs/cifs/smb2ops.c"
            },
            "signature_type": "Line",
            "signature_version": "v1"
        }
    ]
}

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.13.0
Fixed
5.19.12