CVE-2022-48686
- Source
- https://cve.org/CVERecord?id=CVE-2022-48686
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48686.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-48686
- Downstream
- Related
- Published
- 2024-05-03T14:59:10.472Z
- Modified
- 2026-03-20T12:21:43.791440Z
- Severity
-
- 6.2 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- nvme-tcp: fix UAF when detecting digest errors
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
nvme-tcp: fix UAF when detecting digest errors
We should also bail from the iowork loop when we set rdenabled to true, so we don't attempt to read data from the socket when the TCP stream is already out-of-sync or corrupted.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/48xxx/CVE-2022-48686.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/13c80a6c112467bab5e44d090767930555fc17a5
- https://git.kernel.org/stable/c/160f3549a907a50e51a8518678ba2dcf2541abea
- https://git.kernel.org/stable/c/19816a0214684f70b49b25075ff8c402fdd611d3
- https://git.kernel.org/stable/c/5914fa32ef1b7766fea933f9eed94ac5c00aa7ff
- https://git.kernel.org/stable/c/c3eb461aa56e6fa94fb80442ba2586bd223a8886
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/48xxx/CVE-2022-48686.json
- https://nvd.nist.gov/vuln/detail/CVE-2022-48686
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced3f2304f8c6d6ed97849057bd16fee99e434ca796Fixed19816a0214684f70b49b25075ff8c402fdd611d3Fixed5914fa32ef1b7766fea933f9eed94ac5c00aa7ffFixed13c80a6c112467bab5e44d090767930555fc17a5Fixedc3eb461aa56e6fa94fb80442ba2586bd223a8886Fixed160f3549a907a50e51a8518678ba2dcf2541abea