[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2022-48733":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T02:53:27.892Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":20,"aliases":21,"duplicate_of":9,"upstream":22,"downstream":23,"duplicates":64,"related":65,"reserved_at":9,"published_at":72,"modified_at":73,"state":74,"summary":75,"references_raw":84,"kevs":107,"epss":108,"epss_history":111,"metrics":367,"affected":373},"CVE-2022-48733","In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix use-after-free after failure to create a snapshot\n\nAt ioctl.c:create_snapshot(), we allocate a pending snapshot structure and\nthen attach it to the transaction's list of pending snapshots. After that\nwe call btrfs_commit_transaction(), and if that returns an error we jump\nto 'fail' label, where we kfree() the pending snapshot structure. This can\nresult in a later use-after-free of the pending snapshot:\n\n1) We allocated the pending snapshot and added it to the transaction's\n   list of pending snapshots;\n\n2) We call btrfs_commit_transaction(), and it fails either at the first\n   call to btrfs_run_delayed_refs() or btrfs_start_dirty_block_groups().\n   In both cases, we don't abort the transaction and we release our\n   transaction handle. We jump to the 'fail' label and free the pending\n   snapshot structure. We return with the pending snapshot still in the\n   transaction's list;\n\n3) Another task commits the transaction. This time there's no error at\n   all, and then during the transaction commit it accesses a pointer\n   to the pending snapshot structure that the snapshot creation task\n   has already freed, resulting in a user-after-free.\n\nThis issue could actually be detected by smatch, which produced the\nfollowing warning:\n\n  fs/btrfs/ioctl.c:843 create_snapshot() warn: '&pending_snapshot->list' not removed from list\n\nSo fix this by not having the snapshot creation ioctl directly add the\npending snapshot to the transaction's list. Instead add the pending\nsnapshot to the transaction handle, and then at btrfs_commit_transaction()\nwe add the snapshot to the list only when we can guarantee that any error\nreturned after that point will result in a transaction abort, in which\ncase the ioctl code can safely free the pending snapshot and no one can\naccess it anymore.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-416","Use After Free","The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory \"belongs\" to the code that operates on the new pointer.","weakness","Stable","Variant","High",[],[],[],[],[24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62],{"_key":25},"SUSE-SU-2024:2360-1",{"_key":27},"SUSE-SU-2024:2381-1",{"_key":29},"SUSE-SU-2024:2561-1",{"_key":31},"SUSE-SU-2024:2372-1",{"_key":33},"SUSE-SU-2024:2394-1",{"_key":35},"SUSE-SU-2024:2939-1",{"_key":37},"DLA-3912-1",{"_key":39},"DEBIAN-CVE-2022-48733",{"_key":41},"UBUNTU-CVE-2022-48733",{"_key":43},"USN-7159-1",{"_key":45},"USN-7159-2",{"_key":47},"USN-7159-3",{"_key":49},"USN-7159-4",{"_key":51},"USN-7159-5",{"_key":53},"USN-7121-1",{"_key":55},"USN-7121-2",{"_key":57},"USN-7121-3",{"_key":59},"USN-7148-1",{"_key":61},"USN-7195-1",{"_key":63},"USN-7195-2",[],[66,67,68,69,70,71],{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},"2024-06-20T11:13:20.737Z","2026-05-11T18:45:54.500Z","Modified",{"cisa_kev":76,"cisa_ransomware":76,"cisa_vendor":9,"epss_severity":77,"epss_score":78,"severity":79,"severity_score":80,"severity_version":81,"severity_source":82,"severity_vector":83,"severity_status":74},false,"low",0.00012,"high",7.8,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",[85,91,95,99,103],{"url":86,"sources":87,"tags":89},"https://git.kernel.org/stable/c/7e4c72dbaf62f8978af8321a24dbd35566d3a78a",[88,82],"cve.org",[90],"Patch",{"url":92,"sources":93,"tags":94},"https://git.kernel.org/stable/c/a7b717fa15165d3d9245614680bebc48a52ac05d",[88,82],[90],{"url":96,"sources":97,"tags":98},"https://git.kernel.org/stable/c/9372fa1d73da5f1673921e365d0cd2c27ec7adc2",[88,82],[90],{"url":100,"sources":101,"tags":102},"https://git.kernel.org/stable/c/28b21c558a3753171097193b6f6602a94169093a",[88,82],[90],{"url":104,"sources":105,"tags":106},"https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html",[88,82],[],[],{"date":109,"score":78,"percentile":110},"2026-06-03",0.01678,[112,115,118,121,124,127,130,133,136,139,141,144,147,149,152,156,159,162,165,168,171,174,177,180,183,185,188,190,193,195,197,200,203,206,208,211,214,217,220,223,226,229,231,233,237,240,243,246,249,252,255,258,261,264,267,270,273,275,278,281,284,287,290,293,296,298,301,304,307,310,313,315,317,320,323,326,329,332,335,338,341,344,347,349,351,353,355,358,361,364],{"date":113,"score":78,"percentile":114},"2025-11-04",0.0108,{"date":116,"score":78,"percentile":117},"2025-11-05",0.01096,{"date":119,"score":78,"percentile":120},"2025-11-06",0.01107,{"date":122,"score":78,"percentile":123},"2025-11-07",0.01109,{"date":125,"score":78,"percentile":126},"2025-11-08",0.01112,{"date":128,"score":78,"percentile":129},"2025-11-09",0.01111,{"date":131,"score":78,"percentile":132},"2025-11-10",0.01101,{"date":134,"score":78,"percentile":135},"2025-11-11",0.01104,{"date":137,"score":78,"percentile":138},"2025-11-12",0.01103,{"date":140,"score":78,"percentile":120},"2025-11-13",{"date":142,"score":78,"percentile":143},"2025-11-14",0.01123,{"date":145,"score":78,"percentile":146},"2025-11-15",0.01137,{"date":148,"score":78,"percentile":146},"2025-11-16",{"date":150,"score":78,"percentile":151},"2025-11-17",0.01132,{"date":153,"score":154,"percentile":155},"2025-11-18",0.0007,0.17576,{"date":157,"score":154,"percentile":158},"2025-11-19",0.17596,{"date":160,"score":154,"percentile":161},"2025-11-20",0.1757,{"date":163,"score":78,"percentile":164},"2025-11-21",0.01182,{"date":166,"score":78,"percentile":167},"2025-11-22",0.01179,{"date":169,"score":78,"percentile":170},"2025-11-23",0.01169,{"date":172,"score":78,"percentile":173},"2025-11-24",0.01164,{"date":175,"score":78,"percentile":176},"2025-11-25",0.01156,{"date":178,"score":78,"percentile":179},"2025-11-26",0.0109,{"date":181,"score":78,"percentile":182},"2025-11-27",0.01089,{"date":184,"score":78,"percentile":117},"2025-11-28",{"date":186,"score":78,"percentile":187},"2025-11-29",0.0113,{"date":189,"score":78,"percentile":146},"2025-11-30",{"date":191,"score":78,"percentile":192},"2025-12-01",0.0117,{"date":194,"score":78,"percentile":173},"2025-12-02",{"date":196,"score":78,"percentile":170},"2025-12-03",{"date":198,"score":78,"percentile":199},"2025-12-04",0.0114,{"date":201,"score":78,"percentile":202},"2025-12-05",0.01154,{"date":204,"score":78,"percentile":205},"2025-12-06",0.01155,{"date":207,"score":78,"percentile":176},"2025-12-07",{"date":209,"score":78,"percentile":210},"2025-12-08",0.01159,{"date":212,"score":78,"percentile":213},"2025-12-09",0.01171,{"date":215,"score":78,"percentile":216},"2025-12-10",0.01186,{"date":218,"score":78,"percentile":219},"2025-12-11",0.01176,{"date":221,"score":78,"percentile":222},"2025-12-12",0.01174,{"date":224,"score":78,"percentile":225},"2025-12-13",0.01163,{"date":227,"score":78,"percentile":228},"2025-12-14",0.0116,{"date":230,"score":78,"percentile":176},"2025-12-15",{"date":232,"score":78,"percentile":228},"2025-12-16",{"date":234,"score":235,"percentile":236},"2025-12-17",0.00013,0.0147,{"date":238,"score":235,"percentile":239},"2025-12-18",0.01565,{"date":241,"score":235,"percentile":242},"2025-12-19",0.0157,{"date":244,"score":235,"percentile":245},"2025-12-20",0.01571,{"date":247,"score":235,"percentile":248},"2025-12-21",0.01579,{"date":250,"score":235,"percentile":251},"2025-12-22",0.01582,{"date":253,"score":235,"percentile":254},"2025-12-23",0.0158,{"date":256,"score":235,"percentile":257},"2025-12-24",0.01581,{"date":259,"score":235,"percentile":260},"2025-12-25",0.01586,{"date":262,"score":235,"percentile":263},"2025-12-26",0.01493,{"date":265,"score":235,"percentile":266},"2025-12-27",0.01484,{"date":268,"score":235,"percentile":269},"2025-12-28",0.01485,{"date":271,"score":235,"percentile":272},"2025-12-29",0.01476,{"date":274,"score":235,"percentile":236},"2025-12-30",{"date":276,"score":235,"percentile":277},"2025-12-31",0.01467,{"date":279,"score":235,"percentile":280},"2026-01-01",0.01489,{"date":282,"score":235,"percentile":283},"2026-01-02",0.01491,{"date":285,"score":235,"percentile":286},"2026-01-03",0.01494,{"date":288,"score":235,"percentile":289},"2026-01-04",0.01464,{"date":291,"score":78,"percentile":292},"2026-01-05",0.01185,{"date":294,"score":78,"percentile":295},"2026-01-06",0.01181,{"date":297,"score":78,"percentile":164},"2026-01-07",{"date":299,"score":78,"percentile":300},"2026-01-08",0.01195,{"date":302,"score":78,"percentile":303},"2026-01-09",0.01209,{"date":305,"score":78,"percentile":306},"2026-01-10",0.01215,{"date":308,"score":78,"percentile":309},"2026-01-11",0.01213,{"date":311,"score":78,"percentile":312},"2026-01-12",0.01218,{"date":314,"score":78,"percentile":306},"2026-01-13",{"date":316,"score":78,"percentile":309},"2026-01-14",{"date":318,"score":78,"percentile":319},"2026-01-15",0.01226,{"date":321,"score":78,"percentile":322},"2026-01-16",0.01231,{"date":324,"score":78,"percentile":325},"2026-01-17",0.01233,{"date":327,"score":78,"percentile":328},"2026-01-18",0.01246,{"date":330,"score":78,"percentile":331},"2026-01-19",0.01242,{"date":333,"score":78,"percentile":334},"2026-01-20",0.01229,{"date":336,"score":78,"percentile":337},"2026-01-21",0.01227,{"date":339,"score":78,"percentile":340},"2026-01-22",0.01228,{"date":342,"score":78,"percentile":343},"2026-01-23",0.0124,{"date":345,"score":78,"percentile":346},"2026-01-24",0.01243,{"date":348,"score":78,"percentile":331},"2026-01-25",{"date":350,"score":78,"percentile":343},"2026-01-26",{"date":352,"score":78,"percentile":322},"2026-01-27",{"date":354,"score":78,"percentile":334},"2026-01-28",{"date":356,"score":235,"percentile":357},"2026-01-29",0.01512,{"date":359,"score":235,"percentile":360},"2026-01-30",0.01517,{"date":362,"score":235,"percentile":363},"2026-01-31",0.01533,{"date":365,"score":235,"percentile":366},"2026-02-01",0.01555,[368],{"source":82,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":369,"cvss_v4_0":9},{"baseScore":80,"baseSeverity":370,"vectorString":83,"impactScore":371,"exploitabilityScore":372},"HIGH",9.8,4.6,[374,397],{"ecosystem":9,"name":375,"vendor":376,"product":376,"cpe_part":377,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":378},"Linux","linux","a",[379,386,389,392,395],{"version":380,"is_range":381,"range_type":88,"version_start":382,"version_start_type":383,"version_end":384,"version_end_type":385,"fixed_in":9},">= c37b2b6269ee4637fb7cdb5da0d1e47215d57ce2, \u003C 7e4c72dbaf62f8978af8321a24dbd35566d3a78a",true,"c37b2b6269ee4637fb7cdb5da0d1e47215d57ce2","including","7e4c72dbaf62f8978af8321a24dbd35566d3a78a","excluding",{"version":387,"is_range":381,"range_type":88,"version_start":382,"version_start_type":383,"version_end":388,"version_end_type":385,"fixed_in":9},">= c37b2b6269ee4637fb7cdb5da0d1e47215d57ce2, \u003C a7b717fa15165d3d9245614680bebc48a52ac05d","a7b717fa15165d3d9245614680bebc48a52ac05d",{"version":390,"is_range":381,"range_type":88,"version_start":382,"version_start_type":383,"version_end":391,"version_end_type":385,"fixed_in":9},">= c37b2b6269ee4637fb7cdb5da0d1e47215d57ce2, \u003C 9372fa1d73da5f1673921e365d0cd2c27ec7adc2","9372fa1d73da5f1673921e365d0cd2c27ec7adc2",{"version":393,"is_range":381,"range_type":88,"version_start":382,"version_start_type":383,"version_end":394,"version_end_type":385,"fixed_in":9},">= c37b2b6269ee4637fb7cdb5da0d1e47215d57ce2, \u003C 28b21c558a3753171097193b6f6602a94169093a","28b21c558a3753171097193b6f6602a94169093a",{"version":396,"is_range":76,"range_type":88,"version_start":396,"version_start_type":383,"version_end":396,"version_end_type":383,"fixed_in":9},"3.7",{"ecosystem":9,"name":398,"vendor":376,"product":399,"cpe_part":400,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":401},"linux kernel","linux_kernel","o",[402,406,410,414,416],{"version":403,"is_range":381,"range_type":404,"version_start":9,"version_start_type":9,"version_end":405,"version_end_type":385,"fixed_in":9},"lt5.10.226","cpe","5.10.226",{"version":407,"is_range":381,"range_type":404,"version_start":408,"version_start_type":383,"version_end":409,"version_end_type":385,"fixed_in":9},"gte5.11_lt5.15.22","5.11","5.15.22",{"version":411,"is_range":381,"range_type":404,"version_start":412,"version_start_type":383,"version_end":413,"version_end_type":385,"fixed_in":9},"gte5.16_lt5.16.8","5.16","5.16.8",{"version":415,"is_range":76,"range_type":404,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.17:rc1",{"version":417,"is_range":76,"range_type":404,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.17:rc2"]