DEBIAN-CVE-2022-48502
Advisory lineage Upstream: 1 Downstream: 0
Upstream
Published: 31 May 2023, 20:15
Last modified:28 Apr 2026, 20:24
Vulnerability Summary
Overall Risk (default)
medium
28/100 CVSS Score
7.1 HIGH
3.1 (osv_debian)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
31 May 2023, 20:15
Published
Vulnerability first disclosed
28 Apr 2026, 20:24
Last Modified
Vulnerability information updated
Description
An issue was discovered in the Linux kernel before 6.2. The ntfs3 subsystem does not properly check for correctness during disk reads, leading to an out-of-bounds read in ntfs_set_ea in fs/ntfs3/xattr.c.
CVSS Metrics
- v3.1•HIGH•Score: 7.1CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Affected Systems
- debian•linux
< 6.1.52-1 | < 6.3.7-1 | < 6.3.7-1