In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs.
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-48425.json"
[
{
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"18100421630823678373477621906544922954",
"220698823264940700298505916850733421376",
"43812813351312653024535345153403441311"
],
"threshold": 0.9
},
"signature_type": "Line",
"id": "CVE-2022-48425-61a7ecdb",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@467333af2f7b95eeaa61a5b5369a80063cd971fd",
"target": {
"file": "fs/ntfs3/inode.c"
}
},
{
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 9593.0,
"function_hash": "211838791523809196727292984607133266747"
},
"signature_type": "Function",
"id": "CVE-2022-48425-df430ba5",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@467333af2f7b95eeaa61a5b5369a80063cd971fd",
"target": {
"function": "ntfs_read_mft",
"file": "fs/ntfs3/inode.c"
}
}
]