CVE-2022-48638

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-48638

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-48638.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-48638

Downstream

DEBIAN-CVE-2022-48638

RHSA-2024:6993

RHSA-2024:6998

SUSE-SU-2024:1641-1

SUSE-SU-2024:1642-1

SUSE-SU-2024:1644-1

SUSE-SU-2024:1645-1

SUSE-SU-2024:1647-1

SUSE-SU-2024:1659-1

SUSE-SU-2024:1663-1

UBUNTU-CVE-2022-48638

Related

Published

2024-04-28T12:59:37.596Z

Modified

2025-12-04T11:03:58.708104Z

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L CVSS Calculator

Summary

cgroup: cgroup_get_from_id() must check the looked-up kn is a directory

Details

In the Linux kernel, the following vulnerability has been resolved:

cgroup: cgroupgetfrom_id() must check the looked-up kn is a directory

cgroup has to be one kernfs dir, otherwise kernel panic is caused, especially cgroup id is provide from userspace.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/48xxx/CVE-2022-48638.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

6b658c4863c15936872a93c9ee879043bf6393c9

Fixed

8484a356cee8ce3d6a8e6266ff99be326e9273ad

Fixed

1e9571887f97b17cf3ffe9aa4da89090ea60988b

Fixed

df02452f3df069a59bc9e69c84435bf115cb6e37

Affected versions

v5.*

v5.13

v5.13-rc2

v5.13-rc3

v5.13-rc4

v5.13-rc5

v5.13-rc6

v5.13-rc7

v5.14

v5.14-rc1

v5.14-rc2

v5.14-rc3

v5.14-rc4

v5.14-rc5

v5.14-rc6

v5.14-rc7

v5.15

v5.15-rc1

v5.15-rc2

v5.15-rc3

v5.15-rc4

v5.15-rc5

v5.15-rc6

v5.15-rc7

v5.15.1

v5.15.10

v5.15.11

v5.15.12

v5.15.13

v5.15.14

v5.15.15

v5.15.16

v5.15.17

v5.15.18

v5.15.19

v5.15.2

v5.15.20

v5.15.21

v5.15.22

v5.15.23

v5.15.24

v5.15.25

v5.15.26

v5.15.27

v5.15.28

v5.15.29

v5.15.3

v5.15.30

v5.15.31

v5.15.32

v5.15.33

v5.15.34

v5.15.35

v5.15.36

v5.15.37

v5.15.38

v5.15.39

v5.15.4

v5.15.40

v5.15.41

v5.15.42

v5.15.43

v5.15.44

v5.15.45

v5.15.46

v5.15.47

v5.15.48

v5.15.49

v5.15.5

v5.15.50

v5.15.51

v5.15.52

v5.15.53

v5.15.54

v5.15.55

v5.15.56

v5.15.57

v5.15.58

v5.15.59

v5.15.6

v5.15.60

v5.15.61

v5.15.62

v5.15.63

v5.15.64

v5.15.65

v5.15.66

v5.15.67

v5.15.68

v5.15.69

v5.15.7

v5.15.70

v5.15.71

v5.15.8

v5.15.9

v5.16

v5.16-rc1

v5.16-rc2

v5.16-rc3

v5.16-rc4

v5.16-rc5

v5.16-rc6

v5.16-rc7

v5.16-rc8

v5.17

v5.17-rc1

v5.17-rc2

v5.17-rc3

v5.17-rc4

v5.17-rc5

v5.17-rc6

v5.17-rc7

v5.17-rc8

v5.18

v5.18-rc1

v5.18-rc2

v5.18-rc3

v5.18-rc4

v5.18-rc5

v5.18-rc6

v5.18-rc7

v5.19

v5.19-rc1

v5.19-rc2

v5.19-rc3

v5.19-rc4

v5.19-rc5

v5.19-rc6

v5.19-rc7

v5.19-rc8

v5.19.1

v5.19.10

v5.19.11

v5.19.2

v5.19.3

v5.19.4

v5.19.5

v5.19.6

v5.19.7

v5.19.8

v5.19.9

v6.*

v6.0-rc1

v6.0-rc2

v6.0-rc3

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

5.14.0

Fixed

5.15.72

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

5.19.12