CVE-2022-48747

Source
https://cve.org/CVERecord?id=CVE-2022-48747
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-48747.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-48747
Published
2024-06-20T11:13:29.951Z
Modified
2026-03-14T12:00:05.776257Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
block: Fix wrong offset in bio_truncate()
Details

In the Linux kernel, the following vulnerability has been resolved:

block: Fix wrong offset in bio_truncate()

bio_truncate() clears the buffer outside of the last block of the bdev; however, the current bio_truncate() is using the wrong offset of the page. So it can return uninitialized data.

This happened when both a truncated/corrupted FS and userspace (via bdev) are trying to read the last of bdev.

Database specific
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/48xxx/CVE-2022-48747.json"
}

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
943cd69efac437d82a7aea0659fccbcc071730de
Fixed
6cbf4c731d7812518cd857c2cfc3da9fd120f6ae
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
85a8ce62c2eabe28b9d76ca4eecf37922402df93
Fixed
b63e120189fd92aff00096d11e2fc5253f60248b
Fixed
4633a79ff8bc82770486a063a08b55e5162521d8
Fixed
941d5180c430ce5b0f7a3622ef9b76077bfa3d82
Fixed
3ee859e384d453d6ac68bfd5971f630d9fa46ad3

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-48747.json"