In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix UAF when detecting digest errors We should also bail from the io_work loop when we set rd_enabled to true, so we don't attempt to read data from the socket when the TCP stream is already out-of-sync or corrupted.
History

Tue, 26 Nov 2024 19:00:00 +0000

Type Values Removed Values Added
First Time appeared Redhat rhel Eus
CPEs cpe:/o:redhat:rhel_eus:8.8
Vendors & Products Redhat rhel Eus

Thu, 21 Nov 2024 22:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

cvssV3_1

{'score': 6.2, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}


Tue, 24 Sep 2024 11:15:00 +0000

Type Values Removed Values Added
First Time appeared Redhat
Redhat rhel Aus
Redhat rhel E4s
Redhat rhel Tus
CPEs cpe:/o:redhat:rhel_aus:8.6
cpe:/o:redhat:rhel_e4s:8.6
cpe:/o:redhat:rhel_tus:8.6
Vendors & Products Redhat
Redhat rhel Aus
Redhat rhel E4s
Redhat rhel Tus

cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-05-03T14:59:10.472Z

Updated: 2024-12-19T08:05:33.663Z

Reserved: 2024-05-03T14:55:07.143Z

Link: CVE-2022-48686

cve-icon Vulnrichment

Updated: 2024-08-03T15:17:55.855Z

cve-icon NVD

Status : Modified

Published: 2024-05-03T15:15:07.673

Modified: 2024-11-21T22:15:05.023

Link: CVE-2022-48686

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-05-03T00:00:00Z

Links: CVE-2022-48686 - Bugzilla