{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-48855", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-07-16T11:38:08.918Z", "datePublished": "2024-07-16T12:25:21.145Z", "dateUpdated": "2025-05-04T08:24:47.845Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T08:24:47.845Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: fix kernel-infoleak for SCTP sockets\n\nsyzbot reported a kernel infoleak [1] of 4 bytes.\n\nAfter analysis, it turned out r->idiag_expires is not initialized\nif inet_sctp_diag_fill() calls inet_diag_msg_common_fill()\n\nMake sure to clear idiag_timer/idiag_retrans/idiag_expires\nand let inet_diag_msg_sctpasoc_fill() fill them again if needed.\n\n[1]\n\nBUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:121 [inline]\nBUG: KMSAN: kernel-infoleak in copyout lib/iov_iter.c:154 [inline]\nBUG: KMSAN: kernel-infoleak in _copy_to_iter+0x6ef/0x25a0 lib/iov_iter.c:668\n instrument_copy_to_user include/linux/instrumented.h:121 [inline]\n copyout lib/iov_iter.c:154 [inline]\n _copy_to_iter+0x6ef/0x25a0 lib/iov_iter.c:668\n copy_to_iter include/linux/uio.h:162 [inline]\n simple_copy_to_iter+0xf3/0x140 net/core/datagram.c:519\n __skb_datagram_iter+0x2d5/0x11b0 net/core/datagram.c:425\n skb_copy_datagram_iter+0xdc/0x270 net/core/datagram.c:533\n skb_copy_datagram_msg include/linux/skbuff.h:3696 [inline]\n netlink_recvmsg+0x669/0x1c80 net/netlink/af_netlink.c:1977\n sock_recvmsg_nosec net/socket.c:948 [inline]\n sock_recvmsg net/socket.c:966 [inline]\n __sys_recvfrom+0x795/0xa10 net/socket.c:2097\n __do_sys_recvfrom net/socket.c:2115 [inline]\n __se_sys_recvfrom net/socket.c:2111 [inline]\n __x64_sys_recvfrom+0x19d/0x210 net/socket.c:2111\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nUninit was created at:\n slab_post_alloc_hook mm/slab.h:737 [inline]\n slab_alloc_node mm/slub.c:3247 [inline]\n __kmalloc_node_track_caller+0xe0c/0x1510 mm/slub.c:4975\n kmalloc_reserve net/core/skbuff.c:354 [inline]\n __alloc_skb+0x545/0xf90 net/core/skbuff.c:426\n alloc_skb include/linux/skbuff.h:1158 [inline]\n netlink_dump+0x3e5/0x16c0 net/netlink/af_netlink.c:2248\n __netlink_dump_start+0xcf8/0xe90 net/netlink/af_netlink.c:2373\n netlink_dump_start include/linux/netlink.h:254 [inline]\n inet_diag_handler_cmd+0x2e7/0x400 net/ipv4/inet_diag.c:1341\n sock_diag_rcv_msg+0x24a/0x620\n netlink_rcv_skb+0x40c/0x7e0 net/netlink/af_netlink.c:2494\n sock_diag_rcv+0x63/0x80 net/core/sock_diag.c:277\n netlink_unicast_kernel net/netlink/af_netlink.c:1317 [inline]\n netlink_unicast+0x1093/0x1360 net/netlink/af_netlink.c:1343\n netlink_sendmsg+0x14d9/0x1720 net/netlink/af_netlink.c:1919\n sock_sendmsg_nosec net/socket.c:705 [inline]\n sock_sendmsg net/socket.c:725 [inline]\n sock_write_iter+0x594/0x690 net/socket.c:1061\n do_iter_readv_writev+0xa7f/0xc70\n do_iter_write+0x52c/0x1500 fs/read_write.c:851\n vfs_writev fs/read_write.c:924 [inline]\n do_writev+0x645/0xe00 fs/read_write.c:967\n __do_sys_writev fs/read_write.c:1040 [inline]\n __se_sys_writev fs/read_write.c:1037 [inline]\n __x64_sys_writev+0xe5/0x120 fs/read_write.c:1037\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nBytes 68-71 of 2508 are uninitialized\nMemory access of size 2508 starts at ffff888114f9b000\nData copied to user address 00007f7fe09ff2e0\n\nCPU: 1 PID: 3478 Comm: syz-executor306 Not tainted 5.17.0-rc4-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/sctp/diag.c"], "versions": [{"version": "8f840e47f190cbe61a96945c13e9551048d42cef", "lessThan": "3fc0fd724d199e061432b66a8d85b7d48fe485f7", "status": "affected", "versionType": "git"}, {"version": "8f840e47f190cbe61a96945c13e9551048d42cef", "lessThan": "41a2864cf719c17294f417726edd411643462ab8", "status": "affected", "versionType": "git"}, {"version": "8f840e47f190cbe61a96945c13e9551048d42cef", "lessThan": "2d8fa3fdf4542a2174a72d92018f488d65d848c5", "status": "affected", "versionType": "git"}, {"version": "8f840e47f190cbe61a96945c13e9551048d42cef", "lessThan": "bbf59d7ae558940cfa2b36a287fd1e88d83f89f8", "status": "affected", "versionType": "git"}, {"version": "8f840e47f190cbe61a96945c13e9551048d42cef", "lessThan": "b7e4d9ba2ddb78801488b4c623875b81fb46b545", "status": "affected", "versionType": "git"}, {"version": "8f840e47f190cbe61a96945c13e9551048d42cef", "lessThan": "1502f15b9f29c41883a6139f2923523873282a83", "status": "affected", "versionType": "git"}, {"version": "8f840e47f190cbe61a96945c13e9551048d42cef", "lessThan": "d828b0fe6631f3ae8709ac9a10c77c5836c76a08", "status": "affected", "versionType": "git"}, {"version": "8f840e47f190cbe61a96945c13e9551048d42cef", "lessThan": "633593a808980f82d251d0ca89730d8bb8b0220c", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/sctp/diag.c"], "versions": [{"version": "4.7", "status": "affected"}, {"version": "0", "lessThan": "4.7", "status": "unaffected", "versionType": "semver"}, {"version": "4.9.307", "lessThanOrEqual": "4.9.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.14.272", "lessThanOrEqual": "4.14.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.235", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.185", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.106", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.29", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.16.15", "lessThanOrEqual": "5.16.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.17", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.7", "versionEndExcluding": "4.9.307"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.7", "versionEndExcluding": "4.14.272"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.7", "versionEndExcluding": "4.19.235"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.7", "versionEndExcluding": "5.4.185"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.7", "versionEndExcluding": "5.10.106"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.7", "versionEndExcluding": "5.15.29"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.7", "versionEndExcluding": "5.16.15"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.7", "versionEndExcluding": "5.17"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/3fc0fd724d199e061432b66a8d85b7d48fe485f7"}, {"url": "https://git.kernel.org/stable/c/41a2864cf719c17294f417726edd411643462ab8"}, {"url": "https://git.kernel.org/stable/c/2d8fa3fdf4542a2174a72d92018f488d65d848c5"}, {"url": "https://git.kernel.org/stable/c/bbf59d7ae558940cfa2b36a287fd1e88d83f89f8"}, {"url": "https://git.kernel.org/stable/c/b7e4d9ba2ddb78801488b4c623875b81fb46b545"}, {"url": "https://git.kernel.org/stable/c/1502f15b9f29c41883a6139f2923523873282a83"}, {"url": "https://git.kernel.org/stable/c/d828b0fe6631f3ae8709ac9a10c77c5836c76a08"}, {"url": "https://git.kernel.org/stable/c/633593a808980f82d251d0ca89730d8bb8b0220c"}], "title": "sctp: fix kernel-infoleak for SCTP sockets", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T15:25:01.783Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/3fc0fd724d199e061432b66a8d85b7d48fe485f7", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/41a2864cf719c17294f417726edd411643462ab8", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/2d8fa3fdf4542a2174a72d92018f488d65d848c5", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/bbf59d7ae558940cfa2b36a287fd1e88d83f89f8", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b7e4d9ba2ddb78801488b4c623875b81fb46b545", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/1502f15b9f29c41883a6139f2923523873282a83", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/d828b0fe6631f3ae8709ac9a10c77c5836c76a08", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/633593a808980f82d251d0ca89730d8bb8b0220c", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-48855", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:25:52.411711Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:34:08.096Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/3fc0fd724d199e061432b66a8d85b7d48fe485f7", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/41a2864cf719c17294f417726edd411643462ab8", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/2d8fa3fdf4542a2174a72d92018f488d65d848c5", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/bbf59d7ae558940cfa2b36a287fd1e88d83f89f8", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b7e4d9ba2ddb78801488b4c623875b81fb46b545", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/1502f15b9f29c41883a6139f2923523873282a83", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/d828b0fe6631f3ae8709ac9a10c77c5836c76a08", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/633593a808980f82d251d0ca89730d8bb8b0220c", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T15:25:01.783Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-48855", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:25:52.411711Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:20.860Z"}}], "cna": {"title": "sctp: fix kernel-infoleak for SCTP sockets", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "8f840e47f190cbe61a96945c13e9551048d42cef", "lessThan": "3fc0fd724d199e061432b66a8d85b7d48fe485f7", "versionType": "git"}, {"status": "affected", "version": "8f840e47f190cbe61a96945c13e9551048d42cef", "lessThan": "41a2864cf719c17294f417726edd411643462ab8", "versionType": "git"}, {"status": "affected", "version": "8f840e47f190cbe61a96945c13e9551048d42cef", "lessThan": "2d8fa3fdf4542a2174a72d92018f488d65d848c5", "versionType": "git"}, {"status": "affected", "version": "8f840e47f190cbe61a96945c13e9551048d42cef", "lessThan": "bbf59d7ae558940cfa2b36a287fd1e88d83f89f8", "versionType": "git"}, {"status": "affected", "version": "8f840e47f190cbe61a96945c13e9551048d42cef", "lessThan": "b7e4d9ba2ddb78801488b4c623875b81fb46b545", "versionType": "git"}, {"status": "affected", "version": "8f840e47f190cbe61a96945c13e9551048d42cef", "lessThan": "1502f15b9f29c41883a6139f2923523873282a83", "versionType": "git"}, {"status": "affected", "version": "8f840e47f190cbe61a96945c13e9551048d42cef", "lessThan": "d828b0fe6631f3ae8709ac9a10c77c5836c76a08", "versionType": "git"}, {"status": "affected", "version": "8f840e47f190cbe61a96945c13e9551048d42cef", "lessThan": "633593a808980f82d251d0ca89730d8bb8b0220c", "versionType": "git"}], "programFiles": ["net/sctp/diag.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "4.7"}, {"status": "unaffected", "version": "0", "lessThan": "4.7", "versionType": "semver"}, {"status": "unaffected", "version": "4.9.307", "versionType": "semver", "lessThanOrEqual": "4.9.*"}, {"status": "unaffected", "version": "4.14.272", "versionType": "semver", "lessThanOrEqual": "4.14.*"}, {"status": "unaffected", "version": "4.19.235", "versionType": "semver", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.185", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.106", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.29", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "5.16.15", "versionType": "semver", "lessThanOrEqual": "5.16.*"}, {"status": "unaffected", "version": "5.17", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["net/sctp/diag.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/3fc0fd724d199e061432b66a8d85b7d48fe485f7"}, {"url": "https://git.kernel.org/stable/c/41a2864cf719c17294f417726edd411643462ab8"}, {"url": "https://git.kernel.org/stable/c/2d8fa3fdf4542a2174a72d92018f488d65d848c5"}, {"url": "https://git.kernel.org/stable/c/bbf59d7ae558940cfa2b36a287fd1e88d83f89f8"}, {"url": "https://git.kernel.org/stable/c/b7e4d9ba2ddb78801488b4c623875b81fb46b545"}, {"url": "https://git.kernel.org/stable/c/1502f15b9f29c41883a6139f2923523873282a83"}, {"url": "https://git.kernel.org/stable/c/d828b0fe6631f3ae8709ac9a10c77c5836c76a08"}, {"url": "https://git.kernel.org/stable/c/633593a808980f82d251d0ca89730d8bb8b0220c"}], "x_generator": {"engine": "bippy-1.2.0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: fix kernel-infoleak for SCTP sockets\n\nsyzbot reported a kernel infoleak [1] of 4 bytes.\n\nAfter analysis, it turned out r->idiag_expires is not initialized\nif inet_sctp_diag_fill() calls inet_diag_msg_common_fill()\n\nMake sure to clear idiag_timer/idiag_retrans/idiag_expires\nand let inet_diag_msg_sctpasoc_fill() fill them again if needed.\n\n[1]\n\nBUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:121 [inline]\nBUG: KMSAN: kernel-infoleak in copyout lib/iov_iter.c:154 [inline]\nBUG: KMSAN: kernel-infoleak in _copy_to_iter+0x6ef/0x25a0 lib/iov_iter.c:668\n instrument_copy_to_user include/linux/instrumented.h:121 [inline]\n copyout lib/iov_iter.c:154 [inline]\n _copy_to_iter+0x6ef/0x25a0 lib/iov_iter.c:668\n copy_to_iter include/linux/uio.h:162 [inline]\n simple_copy_to_iter+0xf3/0x140 net/core/datagram.c:519\n __skb_datagram_iter+0x2d5/0x11b0 net/core/datagram.c:425\n skb_copy_datagram_iter+0xdc/0x270 net/core/datagram.c:533\n skb_copy_datagram_msg include/linux/skbuff.h:3696 [inline]\n netlink_recvmsg+0x669/0x1c80 net/netlink/af_netlink.c:1977\n sock_recvmsg_nosec net/socket.c:948 [inline]\n sock_recvmsg net/socket.c:966 [inline]\n __sys_recvfrom+0x795/0xa10 net/socket.c:2097\n __do_sys_recvfrom net/socket.c:2115 [inline]\n __se_sys_recvfrom net/socket.c:2111 [inline]\n __x64_sys_recvfrom+0x19d/0x210 net/socket.c:2111\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nUninit was created at:\n slab_post_alloc_hook mm/slab.h:737 [inline]\n slab_alloc_node mm/slub.c:3247 [inline]\n __kmalloc_node_track_caller+0xe0c/0x1510 mm/slub.c:4975\n kmalloc_reserve net/core/skbuff.c:354 [inline]\n __alloc_skb+0x545/0xf90 net/core/skbuff.c:426\n alloc_skb include/linux/skbuff.h:1158 [inline]\n netlink_dump+0x3e5/0x16c0 net/netlink/af_netlink.c:2248\n __netlink_dump_start+0xcf8/0xe90 net/netlink/af_netlink.c:2373\n netlink_dump_start include/linux/netlink.h:254 [inline]\n inet_diag_handler_cmd+0x2e7/0x400 net/ipv4/inet_diag.c:1341\n sock_diag_rcv_msg+0x24a/0x620\n netlink_rcv_skb+0x40c/0x7e0 net/netlink/af_netlink.c:2494\n sock_diag_rcv+0x63/0x80 net/core/sock_diag.c:277\n netlink_unicast_kernel net/netlink/af_netlink.c:1317 [inline]\n netlink_unicast+0x1093/0x1360 net/netlink/af_netlink.c:1343\n netlink_sendmsg+0x14d9/0x1720 net/netlink/af_netlink.c:1919\n sock_sendmsg_nosec net/socket.c:705 [inline]\n sock_sendmsg net/socket.c:725 [inline]\n sock_write_iter+0x594/0x690 net/socket.c:1061\n do_iter_readv_writev+0xa7f/0xc70\n do_iter_write+0x52c/0x1500 fs/read_write.c:851\n vfs_writev fs/read_write.c:924 [inline]\n do_writev+0x645/0xe00 fs/read_write.c:967\n __do_sys_writev fs/read_write.c:1040 [inline]\n __se_sys_writev fs/read_write.c:1037 [inline]\n __x64_sys_writev+0xe5/0x120 fs/read_write.c:1037\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nBytes 68-71 of 2508 are uninitialized\nMemory access of size 2508 starts at ffff888114f9b000\nData copied to user address 00007f7fe09ff2e0\n\nCPU: 1 PID: 3478 Comm: syz-executor306 Not tainted 5.17.0-rc4-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011"}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.9.307", "versionStartIncluding": "4.7"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.14.272", "versionStartIncluding": "4.7"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.19.235", "versionStartIncluding": "4.7"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.4.185", "versionStartIncluding": "4.7"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.10.106", "versionStartIncluding": "4.7"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.15.29", "versionStartIncluding": "4.7"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.16.15", "versionStartIncluding": "4.7"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.17", "versionStartIncluding": "4.7"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T08:24:47.845Z"}}}, "cveMetadata": {"cveId": "CVE-2022-48855", "state": "PUBLISHED", "dateUpdated": "2025-05-04T08:24:47.845Z", "dateReserved": "2024-07-16T11:38:08.918Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-07-16T12:25:21.145Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "67BCFB82-DA50-41CF-8E7E-3853D6A41F6D", "versionEndExcluding": "4.9.307", "versionStartIncluding": "4.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "7F0FA2C5-4E50-48A6-9D72-7C133B60EF05", "versionEndExcluding": "4.14.272", "versionStartIncluding": "4.10", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "F8671D74-E8CD-4E41-A93F-3E3E88125D16", "versionEndExcluding": "4.19.235", "versionStartIncluding": "4.15", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "B374BFBF-C879-4A72-921F-C850CF7DFB99", "versionEndExcluding": "5.4.185", "versionStartIncluding": "4.20", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "6A4F38AC-99A2-48DF-B132-C9F785B309B8", "versionEndExcluding": "5.10.106", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "15DC6588-B28F-4637-9A1E-3753B34A40CF", "versionEndExcluding": "5.15.29", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "83FDEDF2-0E19-4879-91FD-171E66D1B335", "versionEndExcluding": "5.16.15", "versionStartIncluding": "5.16", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: fix kernel-infoleak for SCTP sockets\n\nsyzbot reported a kernel infoleak [1] of 4 bytes.\n\nAfter analysis, it turned out r->idiag_expires is not initialized\nif inet_sctp_diag_fill() calls inet_diag_msg_common_fill()\n\nMake sure to clear idiag_timer/idiag_retrans/idiag_expires\nand let inet_diag_msg_sctpasoc_fill() fill them again if needed.\n\n[1]\n\nBUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:121 [inline]\nBUG: KMSAN: kernel-infoleak in copyout lib/iov_iter.c:154 [inline]\nBUG: KMSAN: kernel-infoleak in _copy_to_iter+0x6ef/0x25a0 lib/iov_iter.c:668\n instrument_copy_to_user include/linux/instrumented.h:121 [inline]\n copyout lib/iov_iter.c:154 [inline]\n _copy_to_iter+0x6ef/0x25a0 lib/iov_iter.c:668\n copy_to_iter include/linux/uio.h:162 [inline]\n simple_copy_to_iter+0xf3/0x140 net/core/datagram.c:519\n __skb_datagram_iter+0x2d5/0x11b0 net/core/datagram.c:425\n skb_copy_datagram_iter+0xdc/0x270 net/core/datagram.c:533\n skb_copy_datagram_msg include/linux/skbuff.h:3696 [inline]\n netlink_recvmsg+0x669/0x1c80 net/netlink/af_netlink.c:1977\n sock_recvmsg_nosec net/socket.c:948 [inline]\n sock_recvmsg net/socket.c:966 [inline]\n __sys_recvfrom+0x795/0xa10 net/socket.c:2097\n __do_sys_recvfrom net/socket.c:2115 [inline]\n __se_sys_recvfrom net/socket.c:2111 [inline]\n __x64_sys_recvfrom+0x19d/0x210 net/socket.c:2111\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nUninit was created at:\n slab_post_alloc_hook mm/slab.h:737 [inline]\n slab_alloc_node mm/slub.c:3247 [inline]\n __kmalloc_node_track_caller+0xe0c/0x1510 mm/slub.c:4975\n kmalloc_reserve net/core/skbuff.c:354 [inline]\n __alloc_skb+0x545/0xf90 net/core/skbuff.c:426\n alloc_skb include/linux/skbuff.h:1158 [inline]\n netlink_dump+0x3e5/0x16c0 net/netlink/af_netlink.c:2248\n __netlink_dump_start+0xcf8/0xe90 net/netlink/af_netlink.c:2373\n netlink_dump_start include/linux/netlink.h:254 [inline]\n inet_diag_handler_cmd+0x2e7/0x400 net/ipv4/inet_diag.c:1341\n sock_diag_rcv_msg+0x24a/0x620\n netlink_rcv_skb+0x40c/0x7e0 net/netlink/af_netlink.c:2494\n sock_diag_rcv+0x63/0x80 net/core/sock_diag.c:277\n netlink_unicast_kernel net/netlink/af_netlink.c:1317 [inline]\n netlink_unicast+0x1093/0x1360 net/netlink/af_netlink.c:1343\n netlink_sendmsg+0x14d9/0x1720 net/netlink/af_netlink.c:1919\n sock_sendmsg_nosec net/socket.c:705 [inline]\n sock_sendmsg net/socket.c:725 [inline]\n sock_write_iter+0x594/0x690 net/socket.c:1061\n do_iter_readv_writev+0xa7f/0xc70\n do_iter_write+0x52c/0x1500 fs/read_write.c:851\n vfs_writev fs/read_write.c:924 [inline]\n do_writev+0x645/0xe00 fs/read_write.c:967\n __do_sys_writev fs/read_write.c:1040 [inline]\n __se_sys_writev fs/read_write.c:1037 [inline]\n __x64_sys_writev+0xe5/0x120 fs/read_write.c:1037\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nBytes 68-71 of 2508 are uninitialized\nMemory access of size 2508 starts at ffff888114f9b000\nData copied to user address 00007f7fe09ff2e0\n\nCPU: 1 PID: 3478 Comm: syz-executor306 Not tainted 5.17.0-rc4-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011"}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: sctp: corrige la fuga de informaci\u00f3n del kernel para sockets SCTP syzbot inform\u00f3 una fuga de informaci\u00f3n del kernel [1] de 4 bytes. Despu\u00e9s del an\u00e1lisis, result\u00f3 que r->idiag_expires no se inicializa si inet_sctp_diag_fill() llama a inet_diag_msg_common_fill(). Aseg\u00farese de borrar idiag_timer/idiag_retrans/idiag_expires y deje que inet_diag_msg_sctpasoc_fill() los complete nuevamente si es necesario. [1] ERROR: KMSAN: kernel-infoleak en instrument_copy_to_user include/linux/instrumented.h:121 [en l\u00ednea] ERROR: KMSAN: kernel-infoleak en copia lib/iov_iter.c:154 [en l\u00ednea] ERROR: KMSAN: kernel-infoleak en _copy_to_iter+0x6ef/0x25a0 lib/iov_iter.c:668 instrument_copy_to_user include/linux/instrumented.h:121 [en l\u00ednea] copia lib/iov_iter.c:154 [en l\u00ednea] _copy_to_iter+0x6ef/0x25a0 lib/iov_iter.c:668 copy_to_iter include/linux/uio.h:162 [en l\u00ednea] simple_copy_to_iter+0xf3/0x140 net/core/datagram.c:519 __skb_datagram_iter+0x2d5/0x11b0 net/core/datagram.c:425 skb_copy_datagram_iter+0xdc/0x270 net/core/datagram .c:533 skb_copy_datagram_msg include/linux/skbuff.h:3696 [en l\u00ednea] netlink_recvmsg+0x669/0x1c80 net/netlink/af_netlink.c:1977 sock_recvmsg_nosec net/socket.c:948 [en l\u00ednea] sock_recvmsg net/socket.c:966 [en l\u00ednea] __sys_recvfrom+0x795/0xa10 net/socket.c:2097 __do_sys_recvfrom net/socket.c:2115 [en l\u00ednea] __se_sys_recvfrom net/socket.c:2111 [en l\u00ednea] __x64_sys_recvfrom+0x19d/0x210 net/socket.c: 2111 hacer_syscall_x64 arch/x86/entry/common.c:51 [en l\u00ednea] do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82 Entry_SYSCALL_64_after_hwframe+0x44/0xae Uninit se cre\u00f3 en: slab_post_alloc_hook mm/slab.h:737 [en l\u00ednea ] slab_alloc_node mm/slub.c:3247 [en l\u00ednea] __kmalloc_node_track_caller+0xe0c/0x1510 mm/slub.c:4975 kmalloc_reserve net/core/skbuff.c:354 [en l\u00ednea] __alloc_skb+0x545/0xf90 net/core/skbuff.c: 426 alloc_skb include/linux/skbuff.h:1158 [en l\u00ednea] netlink_dump+0x3e5/0x16c0 net/netlink/af_netlink.c:2248 __netlink_dump_start+0xcf8/0xe90 net/netlink/af_netlink.c:2373 netlink_dump_start include/linux/netlink.h :254 [en l\u00ednea] inet_diag_handler_cmd+0x2e7/0x400 net/ipv4/inet_diag.c:1341 sock_diag_rcv_msg+0x24a/0x620 netlink_rcv_skb+0x40c/0x7e0 net/netlink/af_netlink.c:2494 sock_diag_rcv+0x63/ 0x80 net/core/sock_diag.c : 277 netlink_unicast_kernel net/netlink/af_netlink.c: 1317 [en l\u00ednea] netlink_unicast+0x1093/0x1360 netlink/af_netlink.c: 1343 netlink_sendmsg+0x14d9/0x1720 net/netlink/socks OCKE.C: 705 [en l\u00ednea] sock_sendmsg net/socket.c:725 [en l\u00ednea] sock_write_iter+0x594/0x690 net/socket.c:1061 do_iter_readv_writev+0xa7f/0xc70 do_iter_write+0x52c/0x1500 fs/read_write.c:851 vfs_writev fs/read_ escribir.c :924 [en l\u00ednea] do_writev+0x645/0xe00 fs/read_write.c:967 __do_sys_writev fs/read_write.c:1040 [en l\u00ednea] __se_sys_writev fs/read_write.c:1037 [en l\u00ednea] __x64_sys_writev+0xe5/0x120 fs/read_write.c: 1037 do_syscall_x64 arch/x86/entry/common.c:51 [inline] do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82 Entry_SYSCALL_64_after_hwframe+0x44/0xae Los bytes 68-71 de 2508 no est\u00e1n inicializados Acceso a memoria de tama\u00f1o 2508 comienza en ffff888114f9b000 Datos copiados a la direcci\u00f3n de usuario 00007f7fe09ff2e0 CPU: 1 PID: 3478 Comm: syz-executor306 Not tainted 5.17.0-rc4-syzkaller #0 Nombre de hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011"}], "id": "CVE-2022-48855", "lastModified": "2024-11-21T07:34:13.223", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-07-16T13:15:12.550", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/1502f15b9f29c41883a6139f2923523873282a83"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/2d8fa3fdf4542a2174a72d92018f488d65d848c5"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/3fc0fd724d199e061432b66a8d85b7d48fe485f7"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/41a2864cf719c17294f417726edd411643462ab8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/633593a808980f82d251d0ca89730d8bb8b0220c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b7e4d9ba2ddb78801488b4c623875b81fb46b545"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/bbf59d7ae558940cfa2b36a287fd1e88d83f89f8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/d828b0fe6631f3ae8709ac9a10c77c5836c76a08"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/1502f15b9f29c41883a6139f2923523873282a83"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/2d8fa3fdf4542a2174a72d92018f488d65d848c5"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/3fc0fd724d199e061432b66a8d85b7d48fe485f7"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/41a2864cf719c17294f417726edd411643462ab8"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/633593a808980f82d251d0ca89730d8bb8b0220c"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b7e4d9ba2ddb78801488b4c623875b81fb46b545"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/bbf59d7ae558940cfa2b36a287fd1e88d83f89f8"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/d828b0fe6631f3ae8709ac9a10c77c5836c76a08"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-401"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: sctp: fix kernel-infoleak for SCTP sockets", "id": "2298196", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298196"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.1", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", "status": "draft"}, "cwe": "CWE-908", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nsctp: fix kernel-infoleak for SCTP sockets\nsyzbot reported a kernel infoleak [1] of 4 bytes.\nAfter analysis, it turned out r->idiag_expires is not initialized\nif inet_sctp_diag_fill() calls inet_diag_msg_common_fill()\nMake sure to clear idiag_timer/idiag_retrans/idiag_expires\nand let inet_diag_msg_sctpasoc_fill() fill them again if needed.\n[1]\nBUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:121 [inline]\nBUG: KMSAN: kernel-infoleak in copyout lib/iov_iter.c:154 [inline]\nBUG: KMSAN: kernel-infoleak in _copy_to_iter+0x6ef/0x25a0 lib/iov_iter.c:668\ninstrument_copy_to_user include/linux/instrumented.h:121 [inline]\ncopyout lib/iov_iter.c:154 [inline]\n_copy_to_iter+0x6ef/0x25a0 lib/iov_iter.c:668\ncopy_to_iter include/linux/uio.h:162 [inline]\nsimple_copy_to_iter+0xf3/0x140 net/core/datagram.c:519\n__skb_datagram_iter+0x2d5/0x11b0 net/core/datagram.c:425\nskb_copy_datagram_iter+0xdc/0x270 net/core/datagram.c:533\nskb_copy_datagram_msg include/linux/skbuff.h:3696 [inline]\nnetlink_recvmsg+0x669/0x1c80 net/netlink/af_netlink.c:1977\nsock_recvmsg_nosec net/socket.c:948 [inline]\nsock_recvmsg net/socket.c:966 [inline]\n__sys_recvfrom+0x795/0xa10 net/socket.c:2097\n__do_sys_recvfrom net/socket.c:2115 [inline]\n__se_sys_recvfrom net/socket.c:2111 [inline]\n__x64_sys_recvfrom+0x19d/0x210 net/socket.c:2111\ndo_syscall_x64 arch/x86/entry/common.c:51 [inline]\ndo_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82\nentry_SYSCALL_64_after_hwframe+0x44/0xae\nUninit was created at:\nslab_post_alloc_hook mm/slab.h:737 [inline]\nslab_alloc_node mm/slub.c:3247 [inline]\n__kmalloc_node_track_caller+0xe0c/0x1510 mm/slub.c:4975\nkmalloc_reserve net/core/skbuff.c:354 [inline]\n__alloc_skb+0x545/0xf90 net/core/skbuff.c:426\nalloc_skb include/linux/skbuff.h:1158 [inline]\nnetlink_dump+0x3e5/0x16c0 net/netlink/af_netlink.c:2248\n__netlink_dump_start+0xcf8/0xe90 net/netlink/af_netlink.c:2373\nnetlink_dump_start include/linux/netlink.h:254 [inline]\ninet_diag_handler_cmd+0x2e7/0x400 net/ipv4/inet_diag.c:1341\nsock_diag_rcv_msg+0x24a/0x620\nnetlink_rcv_skb+0x40c/0x7e0 net/netlink/af_netlink.c:2494\nsock_diag_rcv+0x63/0x80 net/core/sock_diag.c:277\nnetlink_unicast_kernel net/netlink/af_netlink.c:1317 [inline]\nnetlink_unicast+0x1093/0x1360 net/netlink/af_netlink.c:1343\nnetlink_sendmsg+0x14d9/0x1720 net/netlink/af_netlink.c:1919\nsock_sendmsg_nosec net/socket.c:705 [inline]\nsock_sendmsg net/socket.c:725 [inline]\nsock_write_iter+0x594/0x690 net/socket.c:1061\ndo_iter_readv_writev+0xa7f/0xc70\ndo_iter_write+0x52c/0x1500 fs/read_write.c:851\nvfs_writev fs/read_write.c:924 [inline]\ndo_writev+0x645/0xe00 fs/read_write.c:967\n__do_sys_writev fs/read_write.c:1040 [inline]\n__se_sys_writev fs/read_write.c:1037 [inline]\n__x64_sys_writev+0xe5/0x120 fs/read_write.c:1037\ndo_syscall_x64 arch/x86/entry/common.c:51 [inline]\ndo_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82\nentry_SYSCALL_64_after_hwframe+0x44/0xae\nBytes 68-71 of 2508 are uninitialized\nMemory access of size 2508 starts at ffff888114f9b000\nData copied to user address 00007f7fe09ff2e0\nCPU: 1 PID: 3478 Comm: syz-executor306 Not tainted 5.17.0-rc4-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011", "A kernel information leak was found in SCTP sockets in the Linux Kernel, where uninitialized memory could be exposed to userspace. This issue occurs in the `inet_sctp_diag_fill()` function, which fails to initialize certain fields before sending data."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2022-48855", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-07-16T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-48855\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-48855\nhttps://lore.kernel.org/linux-cve-announce/2024071626-CVE-2022-48855-cce9@gregkh/T"], "statement": "Red Hat Enterprise Linux is not vulnerable to this CVE, as it does not affect the versions or configurations of the Linux kernel used in its distributions.", "threat_severity": "Moderate"}