CVE-2022-48668

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-48668
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48668.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-48668
Downstream
Related
Published
2024-04-28T13:01:59Z
Modified
2025-10-08T06:23:04.061712Z
Summary
smb3: fix temporary data corruption in collapse range
Details

In the Linux kernel, the following vulnerability has been resolved:

smb3: fix temporary data corruption in collapse range

collapse range doesn't discard the affected cached region so can risk temporarily corrupting the file data. This fixes xfstest generic/031

I also decided to merge a minor cleanup to this into the same patch (avoiding rereading inode size repeatedly unnecessarily) to make it clearer.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
5476b5dd82c8bb9d0dd426f96575ae656cede140
Fixed
49523a4732204bdacbf3941a016503ddb4ddb3b9
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
5476b5dd82c8bb9d0dd426f96575ae656cede140
Fixed
fa30a81f255a56cccd89552cd6ce7ea6e8d8acc4

Affected versions

v5.*

v5.13
v5.13-rc1
v5.13-rc2
v5.13-rc3
v5.13-rc4
v5.13-rc5
v5.13-rc6
v5.13-rc7
v5.14
v5.14-rc1
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8
v5.19.1
v5.19.10
v5.19.11
v5.19.2
v5.19.3
v5.19.4
v5.19.5
v5.19.6
v5.19.7
v5.19.8
v5.19.9

v6.*

v6.0-rc1
v6.0-rc2
v6.0-rc3

Database specific 

{
    "vanir_signatures": [
        {
            "id": "CVE-2022-48668-25b8f04a",
            "deprecated": false,
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "233508374950371794604598502761802056301",
                    "36701498151413528730299239170428190771",
                    "242951875994788746442967085671932328422",
                    "237735197055195803586787746728413212449",
                    "314670617884869234527921111934502241054",
                    "262954052033823818673648362694196442110",
                    "263696941700155221908039839434033318676",
                    "338897965704694853215112322765546404039",
                    "6921623451313008580519712331716150629",
                    "282853382970010651346721152057258972575",
                    "228051889002999835792989195852063991614",
                    "215852887743633997794832008919635039395",
                    "119933644961457473653974489210804140091",
                    "8061824531751821571406340179539254556",
                    "15728890832624906617489705457557505237",
                    "31073137485563279876196943950147198762",
                    "162028446919057359827121223912987728944",
                    "52160556582170609090830226951599484623",
                    "57039918075920244207794575123398372961",
                    "44980618367220166718586307536090811268",
                    "11305921440202410815977735749598920287",
                    "72522226541740128090847336588456856379",
                    "277717700495427967530245918777345663625",
                    "308108800194788881148974785580921995746",
                    "68805286241702608098640136225606805799",
                    "56841682804636169950061775649398860527",
                    "282262931607895174232302350558523573129",
                    "6557134165398620905530475154698516251",
                    "67262611568916229182949848671780004665",
                    "198997886748931971499231892592754940851"
                ]
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@49523a4732204bdacbf3941a016503ddb4ddb3b9",
            "target": {
                "file": "fs/cifs/smb2ops.c"
            },
            "signature_type": "Line",
            "signature_version": "v1"
        },
        {
            "id": "CVE-2022-48668-59a190b6",
            "deprecated": false,
            "digest": {
                "function_hash": "166922329429597777349747390575492382628",
                "length": 905.0
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@49523a4732204bdacbf3941a016503ddb4ddb3b9",
            "target": {
                "file": "fs/cifs/smb2ops.c",
                "function": "smb3_collapse_range"
            },
            "signature_type": "Function",
            "signature_version": "v1"
        },
        {
            "id": "CVE-2022-48668-7573914a",
            "deprecated": false,
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "233508374950371794604598502761802056301",
                    "36701498151413528730299239170428190771",
                    "242951875994788746442967085671932328422",
                    "237735197055195803586787746728413212449",
                    "314670617884869234527921111934502241054",
                    "262954052033823818673648362694196442110",
                    "263696941700155221908039839434033318676",
                    "338897965704694853215112322765546404039",
                    "6921623451313008580519712331716150629",
                    "282853382970010651346721152057258972575",
                    "228051889002999835792989195852063991614",
                    "215852887743633997794832008919635039395",
                    "119933644961457473653974489210804140091",
                    "8061824531751821571406340179539254556",
                    "15728890832624906617489705457557505237",
                    "31073137485563279876196943950147198762",
                    "162028446919057359827121223912987728944",
                    "52160556582170609090830226951599484623",
                    "57039918075920244207794575123398372961",
                    "44980618367220166718586307536090811268",
                    "11305921440202410815977735749598920287",
                    "72522226541740128090847336588456856379",
                    "277717700495427967530245918777345663625",
                    "308108800194788881148974785580921995746",
                    "68805286241702608098640136225606805799",
                    "56841682804636169950061775649398860527",
                    "282262931607895174232302350558523573129",
                    "6557134165398620905530475154698516251",
                    "67262611568916229182949848671780004665",
                    "198997886748931971499231892592754940851"
                ]
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@fa30a81f255a56cccd89552cd6ce7ea6e8d8acc4",
            "target": {
                "file": "fs/cifs/smb2ops.c"
            },
            "signature_type": "Line",
            "signature_version": "v1"
        },
        {
            "id": "CVE-2022-48668-92bff211",
            "deprecated": false,
            "digest": {
                "function_hash": "166922329429597777349747390575492382628",
                "length": 905.0
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@fa30a81f255a56cccd89552cd6ce7ea6e8d8acc4",
            "target": {
                "file": "fs/cifs/smb2ops.c",
                "function": "smb3_collapse_range"
            },
            "signature_type": "Function",
            "signature_version": "v1"
        }
    ]
}

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.13.0
Fixed
5.19.12