CVE-2022-48757 - Vulnerability Details

Vendors	Products
Redhat	Enterprise Linux Rhel Eus

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 8
kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10	cpe:/a:redhat:enterprise_linux:8::nfv	RHSA-2024:5102	2024-08-08T00:00:00Z
kernel-0:4.18.0-553.16.1.el8_10	cpe:/o:redhat:enterprise_linux:8	RHSA-2024:5101	2024-08-08T00:00:00Z
Red Hat Enterprise Linux 8.8 Extended Update Support
kernel-0:4.18.0-477.70.1.el8_8	cpe:/o:redhat:rhel_eus:8.8	RHSA-2024:6206	2024-09-03T00:00:00Z

Link	Providers
https://git.kernel.org/stable/c/47934e06b65637c88a762d9c98329ae6e3238888
https://git.kernel.org/stable/c/839ec7039513a4f84bfbaff953a9393471176bee
https://git.kernel.org/stable/c/8f88c78d24f6f346919007cd459fd7e51a8c7779
https://git.kernel.org/stable/c/b67ad6170c0ea87391bb253f35d1f78857736e54
https://git.kernel.org/stable/c/be1ca30331c7923c6f376610c1bd6059be9b1908
https://git.kernel.org/stable/c/c38023032a598ec6263e008d62c7f02def72d5c7
https://git.kernel.org/stable/c/db044d97460ea792110eb8b971e82569ded536c6
https://git.kernel.org/stable/c/e372ecd455b6ebc7720f52bf4b5f5d44d02f2092
https://git.kernel.org/stable/c/e43669c77cb3a742b7d84ecdc7c68c4167a7709b
https://lore.kernel.org/linux-cve-announce/2024062007-CVE-2022-48757-c816@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2022-48757
https://www.cve.org/CVERecord?id=CVE-2022-48757

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Type	Values Removed	Values Added
First Time appeared		Redhat rhel Eus
CPEs		cpe:/o:redhat:rhel_eus:8.8
Vendors & Products		Redhat rhel Eus

Type	Values Removed	Values Added
First Time appeared		Redhat Redhat enterprise Linux
CPEs		cpe:/a:redhat:enterprise_linux:8::nfv cpe:/o:redhat:enterprise_linux:8
Vendors & Products		Redhat Redhat enterprise Linux

Show plain JSON

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-48757", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-06-20T11:09:39.059Z", "datePublished": "2024-06-20T11:13:36.529Z", "dateUpdated": "2025-05-04T08:22:27.780Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T08:22:27.780Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix information leakage in /proc/net/ptype\n\nIn one net namespace, after creating a packet socket without binding\nit to a device, users in other net namespaces can observe the new\n`packet_type` added by this packet socket by reading `/proc/net/ptype`\nfile. This is minor information leakage as packet socket is\nnamespace aware.\n\nAdd a net pointer in `packet_type` to keep the net namespace of\nof corresponding packet socket. In `ptype_seq_show`, this net pointer\nmust be checked when it is not NULL."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["include/linux/netdevice.h", "net/core/net-procfs.c", "net/packet/af_packet.c"], "versions": [{"version": "2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50", "lessThan": "8f88c78d24f6f346919007cd459fd7e51a8c7779", "status": "affected", "versionType": "git"}, {"version": "2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50", "lessThan": "be1ca30331c7923c6f376610c1bd6059be9b1908", "status": "affected", "versionType": "git"}, {"version": "2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50", "lessThan": "c38023032a598ec6263e008d62c7f02def72d5c7", "status": "affected", "versionType": "git"}, {"version": "2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50", "lessThan": "b67ad6170c0ea87391bb253f35d1f78857736e54", "status": "affected", "versionType": "git"}, {"version": "2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50", "lessThan": "e372ecd455b6ebc7720f52bf4b5f5d44d02f2092", "status": "affected", "versionType": "git"}, {"version": "2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50", "lessThan": "db044d97460ea792110eb8b971e82569ded536c6", "status": "affected", "versionType": "git"}, {"version": "2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50", "lessThan": "e43669c77cb3a742b7d84ecdc7c68c4167a7709b", "status": "affected", "versionType": "git"}, {"version": "2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50", "lessThan": "839ec7039513a4f84bfbaff953a9393471176bee", "status": "affected", "versionType": "git"}, {"version": "2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50", "lessThan": "47934e06b65637c88a762d9c98329ae6e3238888", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["include/linux/netdevice.h", "net/core/net-procfs.c", "net/packet/af_packet.c"], "versions": [{"version": "2.6.26", "status": "affected"}, {"version": "0", "lessThan": "2.6.26", "status": "unaffected", "versionType": "semver"}, {"version": "4.4.302", "lessThanOrEqual": "4.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.9.300", "lessThanOrEqual": "4.9.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.14.265", "lessThanOrEqual": "4.14.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.228", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.176", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.96", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.19", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.16.5", "lessThanOrEqual": "5.16.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.17", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.26", "versionEndExcluding": "4.4.302"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.26", "versionEndExcluding": "4.9.300"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.26", "versionEndExcluding": "4.14.265"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.26", "versionEndExcluding": "4.19.228"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.26", "versionEndExcluding": "5.4.176"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.26", "versionEndExcluding": "5.10.96"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.26", "versionEndExcluding": "5.15.19"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.26", "versionEndExcluding": "5.16.5"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.26", "versionEndExcluding": "5.17"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/8f88c78d24f6f346919007cd459fd7e51a8c7779"}, {"url": "https://git.kernel.org/stable/c/be1ca30331c7923c6f376610c1bd6059be9b1908"}, {"url": "https://git.kernel.org/stable/c/c38023032a598ec6263e008d62c7f02def72d5c7"}, {"url": "https://git.kernel.org/stable/c/b67ad6170c0ea87391bb253f35d1f78857736e54"}, {"url": "https://git.kernel.org/stable/c/e372ecd455b6ebc7720f52bf4b5f5d44d02f2092"}, {"url": "https://git.kernel.org/stable/c/db044d97460ea792110eb8b971e82569ded536c6"}, {"url": "https://git.kernel.org/stable/c/e43669c77cb3a742b7d84ecdc7c68c4167a7709b"}, {"url": "https://git.kernel.org/stable/c/839ec7039513a4f84bfbaff953a9393471176bee"}, {"url": "https://git.kernel.org/stable/c/47934e06b65637c88a762d9c98329ae6e3238888"}], "title": "net: fix information leakage in /proc/net/ptype", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T15:25:01.373Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/8f88c78d24f6f346919007cd459fd7e51a8c7779", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/be1ca30331c7923c6f376610c1bd6059be9b1908", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c38023032a598ec6263e008d62c7f02def72d5c7", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b67ad6170c0ea87391bb253f35d1f78857736e54", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e372ecd455b6ebc7720f52bf4b5f5d44d02f2092", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/db044d97460ea792110eb8b971e82569ded536c6", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e43669c77cb3a742b7d84ecdc7c68c4167a7709b", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/839ec7039513a4f84bfbaff953a9393471176bee", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/47934e06b65637c88a762d9c98329ae6e3238888", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-48757", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T17:10:16.134809Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:34:47.482Z"}}]}}

{

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

cveMetadata : { »

cveId : CVE-2022-48757 (string)

assignerOrgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

state : PUBLISHED (string)

assignerShortName : Linux (string)

dateReserved : 2024-06-20T11:09:39.059Z (string)

datePublished : 2024-06-20T11:13:36.529Z (string)

dateUpdated : 2025-05-04T08:22:27.780Z (string)

}

containers : { »

cna : { »

providerMetadata : { »

orgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

shortName : Linux (string)

dateUpdated : 2025-05-04T08:22:27.780Z (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: net: fix information leakage in /proc/net/ptype In one net namespace, after creating a packet socket without binding it to a device, users in other net namespaces can observe the new `packet_type` added by this packet socket by reading `/proc/net/ptype` file. This is minor information leakage as packet socket is namespace aware. Add a net pointer in `packet_type` to keep the net namespace of of corresponding packet socket. In `ptype_seq_show`, this net pointer must be checked when it is not NULL. (string)

}

]

affected : [ »

0 : { »

product : Linux (string)

vendor : Linux (string)

defaultStatus : unaffected (string)

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

programFiles : [ »

0 : include/linux/netdevice.h (string)

1 : net/core/net-procfs.c (string)

2 : net/packet/af_packet.c (string)

]

versions : [ »

0 : { »

version : 2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50 (string)

lessThan : 8f88c78d24f6f346919007cd459fd7e51a8c7779 (string)

status : affected (string)

versionType : git (string)

}

1 : { »

version : 2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50 (string)

lessThan : be1ca30331c7923c6f376610c1bd6059be9b1908 (string)

status : affected (string)

versionType : git (string)

}

2 : { »

version : 2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50 (string)

lessThan : c38023032a598ec6263e008d62c7f02def72d5c7 (string)

status : affected (string)

versionType : git (string)

}

3 : { »

version : 2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50 (string)

lessThan : b67ad6170c0ea87391bb253f35d1f78857736e54 (string)

status : affected (string)

versionType : git (string)

}

4 : { »

version : 2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50 (string)

lessThan : e372ecd455b6ebc7720f52bf4b5f5d44d02f2092 (string)

status : affected (string)

versionType : git (string)

}

5 : { »

version : 2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50 (string)

lessThan : db044d97460ea792110eb8b971e82569ded536c6 (string)

status : affected (string)

versionType : git (string)

}

6 : { »

version : 2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50 (string)

lessThan : e43669c77cb3a742b7d84ecdc7c68c4167a7709b (string)

status : affected (string)

versionType : git (string)

}

7 : { »

version : 2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50 (string)

lessThan : 839ec7039513a4f84bfbaff953a9393471176bee (string)

status : affected (string)

versionType : git (string)

}

8 : { »

version : 2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50 (string)

lessThan : 47934e06b65637c88a762d9c98329ae6e3238888 (string)

status : affected (string)

versionType : git (string)

}

]

}

1 : { »

product : Linux (string)

vendor : Linux (string)

defaultStatus : affected (string)

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

programFiles : [ »

0 : include/linux/netdevice.h (string)

1 : net/core/net-procfs.c (string)

2 : net/packet/af_packet.c (string)

]

versions : [ »

0 : { »

version : 2.6.26 (string)

status : affected (string)

}

1 : { »

version : 0 (string)

lessThan : 2.6.26 (string)

status : unaffected (string)

versionType : semver (string)

}

2 : { »

version : 4.4.302 (string)

lessThanOrEqual : 4.4.* (string)

status : unaffected (string)

versionType : semver (string)

}

3 : { »

version : 4.9.300 (string)

lessThanOrEqual : 4.9.* (string)

status : unaffected (string)

versionType : semver (string)

}

4 : { »

version : 4.14.265 (string)

lessThanOrEqual : 4.14.* (string)

status : unaffected (string)

versionType : semver (string)

}

5 : { »

version : 4.19.228 (string)

lessThanOrEqual : 4.19.* (string)

status : unaffected (string)

versionType : semver (string)

}

6 : { »

version : 5.4.176 (string)

lessThanOrEqual : 5.4.* (string)

status : unaffected (string)

versionType : semver (string)

}

7 : { »

version : 5.10.96 (string)

lessThanOrEqual : 5.10.* (string)

status : unaffected (string)

versionType : semver (string)

}

8 : { »

version : 5.15.19 (string)

lessThanOrEqual : 5.15.* (string)

status : unaffected (string)

versionType : semver (string)

}

9 : { »

version : 5.16.5 (string)

lessThanOrEqual : 5.16.* (string)

status : unaffected (string)

versionType : semver (string)

}

10 : { »

version : 5.17 (string)

lessThanOrEqual : * (string)

status : unaffected (string)

versionType : original_commit_for_fix (string)

}

]

}

]

cpeApplicability : [ »

0 : { »

nodes : [ »

0 : { »

operator : OR (string)

negate : false (boolean)

cpeMatch : [ »

0 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 2.6.26 (string)

versionEndExcluding : 4.4.302 (string)

}

1 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 2.6.26 (string)

versionEndExcluding : 4.9.300 (string)

}

2 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 2.6.26 (string)

versionEndExcluding : 4.14.265 (string)

}

3 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 2.6.26 (string)

versionEndExcluding : 4.19.228 (string)

}

4 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 2.6.26 (string)

versionEndExcluding : 5.4.176 (string)

}

5 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 2.6.26 (string)

versionEndExcluding : 5.10.96 (string)

}

6 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 2.6.26 (string)

versionEndExcluding : 5.15.19 (string)

}

7 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 2.6.26 (string)

versionEndExcluding : 5.16.5 (string)

}

8 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 2.6.26 (string)

versionEndExcluding : 5.17 (string)

}

]

}

]

}

]

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/8f88c78d24f6f346919007cd459fd7e51a8c7779 (string)

}

1 : { »

url : https://git.kernel.org/stable/c/be1ca30331c7923c6f376610c1bd6059be9b1908 (string)

}

2 : { »

url : https://git.kernel.org/stable/c/c38023032a598ec6263e008d62c7f02def72d5c7 (string)

}

3 : { »

url : https://git.kernel.org/stable/c/b67ad6170c0ea87391bb253f35d1f78857736e54 (string)

}

4 : { »

url : https://git.kernel.org/stable/c/e372ecd455b6ebc7720f52bf4b5f5d44d02f2092 (string)

}

5 : { »

url : https://git.kernel.org/stable/c/db044d97460ea792110eb8b971e82569ded536c6 (string)

}

6 : { »

url : https://git.kernel.org/stable/c/e43669c77cb3a742b7d84ecdc7c68c4167a7709b (string)

}

7 : { »

url : https://git.kernel.org/stable/c/839ec7039513a4f84bfbaff953a9393471176bee (string)

}

8 : { »

url : https://git.kernel.org/stable/c/47934e06b65637c88a762d9c98329ae6e3238888 (string)

}

]

title : net: fix information leakage in /proc/net/ptype (string)

x_generator : { »

engine : bippy-1.2.0 (string)

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-03T15:25:01.373Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/8f88c78d24f6f346919007cd459fd7e51a8c7779 (string)

tags : [ »

0 : x_transferred (string)

]

}

1 : { »

url : https://git.kernel.org/stable/c/be1ca30331c7923c6f376610c1bd6059be9b1908 (string)

tags : [ »

0 : x_transferred (string)

]

}

2 : { »

url : https://git.kernel.org/stable/c/c38023032a598ec6263e008d62c7f02def72d5c7 (string)

tags : [ »

0 : x_transferred (string)

]

}

3 : { »

url : https://git.kernel.org/stable/c/b67ad6170c0ea87391bb253f35d1f78857736e54 (string)

tags : [ »

0 : x_transferred (string)

]

}

4 : { »

url : https://git.kernel.org/stable/c/e372ecd455b6ebc7720f52bf4b5f5d44d02f2092 (string)

tags : [ »

0 : x_transferred (string)

]

}

5 : { »

url : https://git.kernel.org/stable/c/db044d97460ea792110eb8b971e82569ded536c6 (string)

tags : [ »

0 : x_transferred (string)

]

}

6 : { »

url : https://git.kernel.org/stable/c/e43669c77cb3a742b7d84ecdc7c68c4167a7709b (string)

tags : [ »

0 : x_transferred (string)

]

}

7 : { »

url : https://git.kernel.org/stable/c/839ec7039513a4f84bfbaff953a9393471176bee (string)

tags : [ »

0 : x_transferred (string)

]

}

8 : { »

url : https://git.kernel.org/stable/c/47934e06b65637c88a762d9c98329ae6e3238888 (string)

tags : [ »

0 : x_transferred (string)

]

}

]

}

1 : { »

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2022-48757 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

version : 2.0.3 (string)

timestamp : 2024-09-10T17:10:16.134809Z (string)

}

]

title : CISA ADP Vulnrichment (string)

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-09-11T17:34:47.482Z (string)

}

]

}

Show plain JSON

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/8f88c78d24f6f346919007cd459fd7e51a8c7779", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/be1ca30331c7923c6f376610c1bd6059be9b1908", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c38023032a598ec6263e008d62c7f02def72d5c7", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b67ad6170c0ea87391bb253f35d1f78857736e54", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e372ecd455b6ebc7720f52bf4b5f5d44d02f2092", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/db044d97460ea792110eb8b971e82569ded536c6", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e43669c77cb3a742b7d84ecdc7c68c4167a7709b", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/839ec7039513a4f84bfbaff953a9393471176bee", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/47934e06b65637c88a762d9c98329ae6e3238888", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T15:25:01.373Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-48757", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T17:10:16.134809Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:25.927Z"}}], "cna": {"title": "net: fix information leakage in /proc/net/ptype", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50", "lessThan": "8f88c78d24f6f346919007cd459fd7e51a8c7779", "versionType": "git"}, {"status": "affected", "version": "2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50", "lessThan": "be1ca30331c7923c6f376610c1bd6059be9b1908", "versionType": "git"}, {"status": "affected", "version": "2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50", "lessThan": "c38023032a598ec6263e008d62c7f02def72d5c7", "versionType": "git"}, {"status": "affected", "version": "2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50", "lessThan": "b67ad6170c0ea87391bb253f35d1f78857736e54", "versionType": "git"}, {"status": "affected", "version": "2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50", "lessThan": "e372ecd455b6ebc7720f52bf4b5f5d44d02f2092", "versionType": "git"}, {"status": "affected", "version": "2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50", "lessThan": "db044d97460ea792110eb8b971e82569ded536c6", "versionType": "git"}, {"status": "affected", "version": "2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50", "lessThan": "e43669c77cb3a742b7d84ecdc7c68c4167a7709b", "versionType": "git"}, {"status": "affected", "version": "2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50", "lessThan": "839ec7039513a4f84bfbaff953a9393471176bee", "versionType": "git"}, {"status": "affected", "version": "2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50", "lessThan": "47934e06b65637c88a762d9c98329ae6e3238888", "versionType": "git"}], "programFiles": ["include/linux/netdevice.h", "net/core/net-procfs.c", "net/packet/af_packet.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "2.6.26"}, {"status": "unaffected", "version": "0", "lessThan": "2.6.26", "versionType": "semver"}, {"status": "unaffected", "version": "4.4.302", "versionType": "semver", "lessThanOrEqual": "4.4.*"}, {"status": "unaffected", "version": "4.9.300", "versionType": "semver", "lessThanOrEqual": "4.9.*"}, {"status": "unaffected", "version": "4.14.265", "versionType": "semver", "lessThanOrEqual": "4.14.*"}, {"status": "unaffected", "version": "4.19.228", "versionType": "semver", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.176", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.96", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.19", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "5.16.5", "versionType": "semver", "lessThanOrEqual": "5.16.*"}, {"status": "unaffected", "version": "5.17", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["include/linux/netdevice.h", "net/core/net-procfs.c", "net/packet/af_packet.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/8f88c78d24f6f346919007cd459fd7e51a8c7779"}, {"url": "https://git.kernel.org/stable/c/be1ca30331c7923c6f376610c1bd6059be9b1908"}, {"url": "https://git.kernel.org/stable/c/c38023032a598ec6263e008d62c7f02def72d5c7"}, {"url": "https://git.kernel.org/stable/c/b67ad6170c0ea87391bb253f35d1f78857736e54"}, {"url": "https://git.kernel.org/stable/c/e372ecd455b6ebc7720f52bf4b5f5d44d02f2092"}, {"url": "https://git.kernel.org/stable/c/db044d97460ea792110eb8b971e82569ded536c6"}, {"url": "https://git.kernel.org/stable/c/e43669c77cb3a742b7d84ecdc7c68c4167a7709b"}, {"url": "https://git.kernel.org/stable/c/839ec7039513a4f84bfbaff953a9393471176bee"}, {"url": "https://git.kernel.org/stable/c/47934e06b65637c88a762d9c98329ae6e3238888"}], "x_generator": {"engine": "bippy-1.2.0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix information leakage in /proc/net/ptype\n\nIn one net namespace, after creating a packet socket without binding\nit to a device, users in other net namespaces can observe the new\n`packet_type` added by this packet socket by reading `/proc/net/ptype`\nfile. This is minor information leakage as packet socket is\nnamespace aware.\n\nAdd a net pointer in `packet_type` to keep the net namespace of\nof corresponding packet socket. In `ptype_seq_show`, this net pointer\nmust be checked when it is not NULL."}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.4.302", "versionStartIncluding": "2.6.26"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.9.300", "versionStartIncluding": "2.6.26"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.14.265", "versionStartIncluding": "2.6.26"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.19.228", "versionStartIncluding": "2.6.26"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.4.176", "versionStartIncluding": "2.6.26"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.10.96", "versionStartIncluding": "2.6.26"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.15.19", "versionStartIncluding": "2.6.26"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.16.5", "versionStartIncluding": "2.6.26"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.17", "versionStartIncluding": "2.6.26"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T08:22:27.780Z"}}}, "cveMetadata": {"cveId": "CVE-2022-48757", "state": "PUBLISHED", "dateUpdated": "2025-05-04T08:22:27.780Z", "dateReserved": "2024-06-20T11:09:39.059Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-06-20T11:13:36.529Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{

dataType : CVE_RECORD (string)

containers : { »

adp : [ »

0 : { »

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/8f88c78d24f6f346919007cd459fd7e51a8c7779 (string)

tags : [ »

0 : x_transferred (string)

]

}

1 : { »

url : https://git.kernel.org/stable/c/be1ca30331c7923c6f376610c1bd6059be9b1908 (string)

tags : [ »

0 : x_transferred (string)

]

}

2 : { »

url : https://git.kernel.org/stable/c/c38023032a598ec6263e008d62c7f02def72d5c7 (string)

tags : [ »

0 : x_transferred (string)

]

}

3 : { »

url : https://git.kernel.org/stable/c/b67ad6170c0ea87391bb253f35d1f78857736e54 (string)

tags : [ »

0 : x_transferred (string)

]

}

4 : { »

url : https://git.kernel.org/stable/c/e372ecd455b6ebc7720f52bf4b5f5d44d02f2092 (string)

tags : [ »

0 : x_transferred (string)

]

}

5 : { »

url : https://git.kernel.org/stable/c/db044d97460ea792110eb8b971e82569ded536c6 (string)

tags : [ »

0 : x_transferred (string)

]

}

6 : { »

url : https://git.kernel.org/stable/c/e43669c77cb3a742b7d84ecdc7c68c4167a7709b (string)

tags : [ »

0 : x_transferred (string)

]

}

7 : { »

url : https://git.kernel.org/stable/c/839ec7039513a4f84bfbaff953a9393471176bee (string)

tags : [ »

0 : x_transferred (string)

]

}

8 : { »

url : https://git.kernel.org/stable/c/47934e06b65637c88a762d9c98329ae6e3238888 (string)

tags : [ »

0 : x_transferred (string)

]

}

]

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-03T15:25:01.373Z (string)

}

1 : { »

title : CISA ADP Vulnrichment (string)

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2022-48757 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

version : 2.0.3 (string)

timestamp : 2024-09-10T17:10:16.134809Z (string)

}

]

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-09-11T12:42:25.927Z (string)

}

]

cna : { »

title : net: fix information leakage in /proc/net/ptype (string)

affected : [ »

0 : { »

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

vendor : Linux (string)

product : Linux (string)

versions : [ »

0 : { »

status : affected (string)

version : 2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50 (string)

lessThan : 8f88c78d24f6f346919007cd459fd7e51a8c7779 (string)

versionType : git (string)

}

1 : { »

status : affected (string)

version : 2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50 (string)

lessThan : be1ca30331c7923c6f376610c1bd6059be9b1908 (string)

versionType : git (string)

}

2 : { »

status : affected (string)

version : 2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50 (string)

lessThan : c38023032a598ec6263e008d62c7f02def72d5c7 (string)

versionType : git (string)

}

3 : { »

status : affected (string)

version : 2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50 (string)

lessThan : b67ad6170c0ea87391bb253f35d1f78857736e54 (string)

versionType : git (string)

}

4 : { »

status : affected (string)

version : 2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50 (string)

lessThan : e372ecd455b6ebc7720f52bf4b5f5d44d02f2092 (string)

versionType : git (string)

}

5 : { »

status : affected (string)

version : 2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50 (string)

lessThan : db044d97460ea792110eb8b971e82569ded536c6 (string)

versionType : git (string)

}

6 : { »

status : affected (string)

version : 2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50 (string)

lessThan : e43669c77cb3a742b7d84ecdc7c68c4167a7709b (string)

versionType : git (string)

}

7 : { »

status : affected (string)

version : 2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50 (string)

lessThan : 839ec7039513a4f84bfbaff953a9393471176bee (string)

versionType : git (string)

}

8 : { »

status : affected (string)

version : 2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50 (string)

lessThan : 47934e06b65637c88a762d9c98329ae6e3238888 (string)

versionType : git (string)

}

]

programFiles : [ »

0 : include/linux/netdevice.h (string)

1 : net/core/net-procfs.c (string)

2 : net/packet/af_packet.c (string)

]

defaultStatus : unaffected (string)

}

1 : { »

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

vendor : Linux (string)

product : Linux (string)

versions : [ »

0 : { »

status : affected (string)

version : 2.6.26 (string)

}

1 : { »

status : unaffected (string)

version : 0 (string)

lessThan : 2.6.26 (string)

versionType : semver (string)

}

2 : { »

status : unaffected (string)

version : 4.4.302 (string)

versionType : semver (string)

lessThanOrEqual : 4.4.* (string)

}

3 : { »

status : unaffected (string)

version : 4.9.300 (string)

versionType : semver (string)

lessThanOrEqual : 4.9.* (string)

}

4 : { »

status : unaffected (string)

version : 4.14.265 (string)

versionType : semver (string)

lessThanOrEqual : 4.14.* (string)

}

5 : { »

status : unaffected (string)

version : 4.19.228 (string)

versionType : semver (string)

lessThanOrEqual : 4.19.* (string)

}

6 : { »

status : unaffected (string)

version : 5.4.176 (string)

versionType : semver (string)

lessThanOrEqual : 5.4.* (string)

}

7 : { »

status : unaffected (string)

version : 5.10.96 (string)

versionType : semver (string)

lessThanOrEqual : 5.10.* (string)

}

8 : { »

status : unaffected (string)

version : 5.15.19 (string)

versionType : semver (string)

lessThanOrEqual : 5.15.* (string)

}

9 : { »

status : unaffected (string)

version : 5.16.5 (string)

versionType : semver (string)

lessThanOrEqual : 5.16.* (string)

}

10 : { »

status : unaffected (string)

version : 5.17 (string)

versionType : original_commit_for_fix (string)

lessThanOrEqual : * (string)

}

]

programFiles : [ »

0 : include/linux/netdevice.h (string)

1 : net/core/net-procfs.c (string)

2 : net/packet/af_packet.c (string)

]

defaultStatus : affected (string)

}

]

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/8f88c78d24f6f346919007cd459fd7e51a8c7779 (string)

}

1 : { »

url : https://git.kernel.org/stable/c/be1ca30331c7923c6f376610c1bd6059be9b1908 (string)

}

2 : { »

url : https://git.kernel.org/stable/c/c38023032a598ec6263e008d62c7f02def72d5c7 (string)

}

3 : { »

url : https://git.kernel.org/stable/c/b67ad6170c0ea87391bb253f35d1f78857736e54 (string)

}

4 : { »

url : https://git.kernel.org/stable/c/e372ecd455b6ebc7720f52bf4b5f5d44d02f2092 (string)

}

5 : { »

url : https://git.kernel.org/stable/c/db044d97460ea792110eb8b971e82569ded536c6 (string)

}

6 : { »

url : https://git.kernel.org/stable/c/e43669c77cb3a742b7d84ecdc7c68c4167a7709b (string)

}

7 : { »

url : https://git.kernel.org/stable/c/839ec7039513a4f84bfbaff953a9393471176bee (string)

}

8 : { »

url : https://git.kernel.org/stable/c/47934e06b65637c88a762d9c98329ae6e3238888 (string)

}

]

x_generator : { »

engine : bippy-1.2.0 (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: net: fix information leakage in /proc/net/ptype In one net namespace, after creating a packet socket without binding it to a device, users in other net namespaces can observe the new `packet_type` added by this packet socket by reading `/proc/net/ptype` file. This is minor information leakage as packet socket is namespace aware. Add a net pointer in `packet_type` to keep the net namespace of of corresponding packet socket. In `ptype_seq_show`, this net pointer must be checked when it is not NULL. (string)

}

]

cpeApplicability : [ »

0 : { »

nodes : [ »

0 : { »

negate : false (boolean)

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 4.4.302 (string)

versionStartIncluding : 2.6.26 (string)

}

1 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 4.9.300 (string)

versionStartIncluding : 2.6.26 (string)

}

2 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 4.14.265 (string)

versionStartIncluding : 2.6.26 (string)

}

3 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 4.19.228 (string)

versionStartIncluding : 2.6.26 (string)

}

4 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.4.176 (string)

versionStartIncluding : 2.6.26 (string)

}

5 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.10.96 (string)

versionStartIncluding : 2.6.26 (string)

}

6 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.15.19 (string)

versionStartIncluding : 2.6.26 (string)

}

7 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.16.5 (string)

versionStartIncluding : 2.6.26 (string)

}

8 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.17 (string)

versionStartIncluding : 2.6.26 (string)

}

]

operator : OR (string)

}

]

}

]

providerMetadata : { »

orgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

shortName : Linux (string)

dateUpdated : 2025-05-04T08:22:27.780Z (string)

}

cveMetadata : { »

cveId : CVE-2022-48757 (string)

state : PUBLISHED (string)

dateUpdated : 2025-05-04T08:22:27.780Z (string)

dateReserved : 2024-06-20T11:09:39.059Z (string)

assignerOrgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

datePublished : 2024-06-20T11:13:36.529Z (string)

assignerShortName : Linux (string)

}

dataVersion : 5.1 (string)

}

Show plain JSON

{"descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix information leakage in /proc/net/ptype\n\nIn one net namespace, after creating a packet socket without binding\nit to a device, users in other net namespaces can observe the new\n`packet_type` added by this packet socket by reading `/proc/net/ptype`\nfile. This is minor information leakage as packet socket is\nnamespace aware.\n\nAdd a net pointer in `packet_type` to keep the net namespace of\nof corresponding packet socket. In `ptype_seq_show`, this net pointer\nmust be checked when it is not NULL."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: corrige la fuga de informaci\u00f3n en /proc/net/ptype en un espacio de nombres de red, despu\u00e9s de crear un socket de paquetes sin vincularlo a un dispositivo, los usuarios de otros espacios de nombres de red pueden observar la nueva `packet_type` agregado por este socket de paquete leyendo el archivo `/proc/net/ptype`. Esta es una fuga de informaci\u00f3n menor ya que el socket del paquete reconoce el espacio de nombres. Agregue un puntero de red en `packet_type` para mantener el espacio de nombres de red del socket de paquete correspondiente. En `ptype_seq_show`, este puntero de red debe verificarse cuando no sea NULL."}], "id": "CVE-2022-48757", "lastModified": "2024-11-21T07:33:57.330", "metrics": {}, "published": "2024-06-20T12:15:13.823", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/47934e06b65637c88a762d9c98329ae6e3238888"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/839ec7039513a4f84bfbaff953a9393471176bee"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/8f88c78d24f6f346919007cd459fd7e51a8c7779"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/b67ad6170c0ea87391bb253f35d1f78857736e54"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/be1ca30331c7923c6f376610c1bd6059be9b1908"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/c38023032a598ec6263e008d62c7f02def72d5c7"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/db044d97460ea792110eb8b971e82569ded536c6"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/e372ecd455b6ebc7720f52bf4b5f5d44d02f2092"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/e43669c77cb3a742b7d84ecdc7c68c4167a7709b"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/47934e06b65637c88a762d9c98329ae6e3238888"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/839ec7039513a4f84bfbaff953a9393471176bee"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/8f88c78d24f6f346919007cd459fd7e51a8c7779"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/b67ad6170c0ea87391bb253f35d1f78857736e54"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/be1ca30331c7923c6f376610c1bd6059be9b1908"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/c38023032a598ec6263e008d62c7f02def72d5c7"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/db044d97460ea792110eb8b971e82569ded536c6"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/e372ecd455b6ebc7720f52bf4b5f5d44d02f2092"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/e43669c77cb3a742b7d84ecdc7c68c4167a7709b"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: net: fix information leakage in /proc/net/ptype In one net namespace, after creating a packet socket without binding it to a device, users in other net namespaces can observe the new `packet_type` added by this packet socket by reading `/proc/net/ptype` file. This is minor information leakage as packet socket is namespace aware. Add a net pointer in `packet_type` to keep the net namespace of of corresponding packet socket. In `ptype_seq_show`, this net pointer must be checked when it is not NULL. (string)

}

1 : { »

lang : es (string)

value : En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: corrige la fuga de información en /proc/net/ptype en un espacio de nombres de red, después de crear un socket de paquetes sin vincularlo a un dispositivo, los usuarios de otros espacios de nombres de red pueden observar la nueva `packet_type` agregado por este socket de paquete leyendo el archivo `/proc/net/ptype`. Esta es una fuga de información menor ya que el socket del paquete reconoce el espacio de nombres. Agregue un puntero de red en `packet_type` para mantener el espacio de nombres de red del socket de paquete correspondiente. En `ptype_seq_show`, este puntero de red debe verificarse cuando no sea NULL. (string)

}

]

id : CVE-2022-48757 (string)

lastModified : 2024-11-21T07:33:57.330 (string)

metrics : { *empty* }

published : 2024-06-20T12:15:13.823 (string)

references : [ »

0 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

url : https://git.kernel.org/stable/c/47934e06b65637c88a762d9c98329ae6e3238888 (string)

}

1 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

url : https://git.kernel.org/stable/c/839ec7039513a4f84bfbaff953a9393471176bee (string)

}

2 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

url : https://git.kernel.org/stable/c/8f88c78d24f6f346919007cd459fd7e51a8c7779 (string)

}

3 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

url : https://git.kernel.org/stable/c/b67ad6170c0ea87391bb253f35d1f78857736e54 (string)

}

4 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

url : https://git.kernel.org/stable/c/be1ca30331c7923c6f376610c1bd6059be9b1908 (string)

}

5 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

url : https://git.kernel.org/stable/c/c38023032a598ec6263e008d62c7f02def72d5c7 (string)

}

6 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

url : https://git.kernel.org/stable/c/db044d97460ea792110eb8b971e82569ded536c6 (string)

}

7 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

url : https://git.kernel.org/stable/c/e372ecd455b6ebc7720f52bf4b5f5d44d02f2092 (string)

}

8 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

url : https://git.kernel.org/stable/c/e43669c77cb3a742b7d84ecdc7c68c4167a7709b (string)

}

9 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://git.kernel.org/stable/c/47934e06b65637c88a762d9c98329ae6e3238888 (string)

}

10 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://git.kernel.org/stable/c/839ec7039513a4f84bfbaff953a9393471176bee (string)

}

11 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://git.kernel.org/stable/c/8f88c78d24f6f346919007cd459fd7e51a8c7779 (string)

}

12 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://git.kernel.org/stable/c/b67ad6170c0ea87391bb253f35d1f78857736e54 (string)

}

13 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://git.kernel.org/stable/c/be1ca30331c7923c6f376610c1bd6059be9b1908 (string)

}

14 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://git.kernel.org/stable/c/c38023032a598ec6263e008d62c7f02def72d5c7 (string)

}

15 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://git.kernel.org/stable/c/db044d97460ea792110eb8b971e82569ded536c6 (string)

}

16 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://git.kernel.org/stable/c/e372ecd455b6ebc7720f52bf4b5f5d44d02f2092 (string)

}

17 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://git.kernel.org/stable/c/e43669c77cb3a742b7d84ecdc7c68c4167a7709b (string)

}

]

sourceIdentifier : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

vulnStatus : Awaiting Analysis (string)

}

Show plain JSON

{"affected_release": [{"advisory": "RHSA-2024:5102", "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv", "package": "kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-08-08T00:00:00Z"}, {"advisory": "RHSA-2024:5101", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-553.16.1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-08-08T00:00:00Z"}, {"advisory": "RHSA-2024:6206", "cpe": "cpe:/o:redhat:rhel_eus:8.8", "package": "kernel-0:4.18.0-477.70.1.el8_8", "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support", "release_date": "2024-09-03T00:00:00Z"}], "bugzilla": {"description": "kernel: net: fix information leakage in /proc/net/ptype", "id": "2293383", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293383"}, "csaw": false, "cvss3": {"cvss3_base_score": "3.3", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "status": "verified"}, "cwe": "CWE-276", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nnet: fix information leakage in /proc/net/ptype\nIn one net namespace, after creating a packet socket without binding\nit to a device, users in other net namespaces can observe the new\n`packet_type` added by this packet socket by reading `/proc/net/ptype`\nfile. This is minor information leakage as packet socket is\nnamespace aware.\nAdd a net pointer in `packet_type` to keep the net namespace of\nof corresponding packet socket. In `ptype_seq_show`, this net pointer\nmust be checked when it is not NULL."], "name": "CVE-2022-48757", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-06-20T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-48757\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-48757\nhttps://lore.kernel.org/linux-cve-announce/2024062007-CVE-2022-48757-c816@gregkh/T"], "threat_severity": "Low"}

{

affected_release : [ »

0 : { »

advisory : RHSA-2024:5102 (string)

cpe : cpe:/a:redhat:enterprise_linux:8::nfv (string)

package : kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10 (string)

product_name : Red Hat Enterprise Linux 8 (string)

release_date : 2024-08-08T00:00:00Z (string)

}

1 : { »

advisory : RHSA-2024:5101 (string)

cpe : cpe:/o:redhat:enterprise_linux:8 (string)

package : kernel-0:4.18.0-553.16.1.el8_10 (string)

product_name : Red Hat Enterprise Linux 8 (string)

release_date : 2024-08-08T00:00:00Z (string)

}

2 : { »

advisory : RHSA-2024:6206 (string)

cpe : cpe:/o:redhat:rhel_eus:8.8 (string)

package : kernel-0:4.18.0-477.70.1.el8_8 (string)

product_name : Red Hat Enterprise Linux 8.8 Extended Update Support (string)

release_date : 2024-09-03T00:00:00Z (string)

}

]

bugzilla : { »

description : kernel: net: fix information leakage in /proc/net/ptype (string)

id : 2293383 (string)

url : https://bugzilla.redhat.com/show_bug.cgi?id=2293383 (string)

}

csaw : false (boolean)

cvss3 : { »

cvss3_base_score : 3.3 (string)

cvss3_scoring_vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N (string)

status : verified (string)

}

cwe : CWE-276 (string)

details : [ »

0 : In the Linux kernel, the following vulnerability has been resolved: net: fix information leakage in /proc/net/ptype In one net namespace, after creating a packet socket without binding it to a device, users in other net namespaces can observe the new `packet_type` added by this packet socket by reading `/proc/net/ptype` file. This is minor information leakage as packet socket is namespace aware. Add a net pointer in `packet_type` to keep the net namespace of of corresponding packet socket. In `ptype_seq_show`, this net pointer must be checked when it is not NULL. (string)

]

name : CVE-2022-48757 (string)

package_state : [ »

0 : { »

cpe : cpe:/o:redhat:enterprise_linux:6 (string)

fix_state : Out of support scope (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 6 (string)

}

1 : { »

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

fix_state : Out of support scope (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 7 (string)

}

2 : { »

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

fix_state : Out of support scope (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 7 (string)

}

3 : { »

cpe : cpe:/o:redhat:enterprise_linux:9 (string)

fix_state : Fix deferred (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 9 (string)

}

4 : { »

cpe : cpe:/o:redhat:enterprise_linux:9 (string)

fix_state : Fix deferred (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 9 (string)

}

]

public_date : 2024-06-20T00:00:00Z (string)

references : [ »

0 : https://www.cve.org/CVERecord?id=CVE-2022-48757 https://nvd.nist.gov/vuln/detail/CVE-2022-48757 https://lore.kernel.org/linux-cve-announce/2024062007-CVE-2022-48757-c816@gregkh/T (string)

]

threat_severity : Low (string)

}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object