CVE-2022-48423

Advisory lineage Upstream: 0 Downstream: 7

Downstream

DEBIAN-CVE-2022-48423 UBUNTU-CVE-2022-48423 USN-5982-1 USN-5987-1 USN-6004-1 USN-6079-1

Modified

Published: 19 Mar 2023, 00:00

Last modified:27 Feb 2025, 16:14

Vulnerability Summary

Overall Risk (default)

medium

31/100

CVSS Score

7.8 HIGH

v3.1 (cve.org)

EPSS Score

0.07% LOW

0% probability +0.06%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

19 Mar 2023, 00:00

Published

Vulnerability first disclosed

27 Feb 2025, 16:14

Last Modified

Vulnerability information updated

Description

In the Linux kernel before 6.1.3, fs/ntfs3/record.c does not validate resident attribute names. An out-of-bounds write may occur.

CVSS Metrics

v3.1•HIGH•Score: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Trends

Current EPSS score: 0.07%• Percentile: 22%

Techniques & Countermeasures

CWE-787•Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.

Affected Systems

linux•linux_kernel
< 6.1.3