CVE-2022-48665

In the Linux kernel, the following vulnerability has been resolved: exfat: fix overflow for large capacity partition Using int type for sector index, there will be overflow in a large capacity partition. For example, if storage with sector size of 512 bytes and partition capacity is larger than 2TB, there will be overflow.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/17244f71765dfec39e84493993993e896c376d09	Patch
https://git.kernel.org/stable/c/2e9ceb6728f1dc2fa4b5d08f37d88cbc49a20a62	Patch
https://git.kernel.org/stable/c/17244f71765dfec39e84493993993e896c376d09	Patch
https://git.kernel.org/stable/c/2e9ceb6728f1dc2fa4b5d08f37d88cbc49a20a62	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.0:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.0:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.0:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.0:rc4::::::
	cpe:2.3:o:linux:linux_kernel:6.0:rc5::::::
	cpe:2.3:o:linux:linux_kernel:6.0:rc6::::::

History

No history.

Information

Published : 2024-04-28 13:15

Updated : 2025-09-19 15:02

NVD link : CVE-2022-48665

Mitre link : CVE-2022-48665

CVE.ORG link : CVE-2022-48665

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-191

Integer Underflow (Wrap or Wraparound)

{"id": "CVE-2022-48665", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2024-04-28T13:15:08.073", "references": [{"url": "https://git.kernel.org/stable/c/17244f71765dfec39e84493993993e896c376d09", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/2e9ceb6728f1dc2fa4b5d08f37d88cbc49a20a62", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/17244f71765dfec39e84493993993e896c376d09", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/2e9ceb6728f1dc2fa4b5d08f37d88cbc49a20a62", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-191"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nexfat: fix overflow for large capacity partition\n\nUsing int type for sector index, there will be overflow in a large\ncapacity partition.\n\nFor example, if storage with sector size of 512 bytes and partition\ncapacity is larger than 2TB, there will be overflow."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: exfat: corrige el desbordamiento de una partici\u00f3n de gran capacidad. Al usar el tipo int para el \u00edndice del sector, habr\u00e1 un desbordamiento en una partici\u00f3n de gran capacidad. Por ejemplo, si el almacenamiento con un tama\u00f1o de sector de 512 bytes y una capacidad de partici\u00f3n es superior a 2 TB, se producir\u00e1 un desbordamiento."}], "lastModified": "2025-09-19T15:02:24.203", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2805DC7D-5EBA-4306-BF65-309CDBF3B0F2", "versionEndExcluding": "5.19.12", "versionStartIncluding": "5.19"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.0:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E8BD11A3-8643-49B6-BADE-5029A0117325"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.0:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5F0AD220-F6A9-4012-8636-155F1B841FAD"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.0:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A46498B3-78E1-4623-AAE1-94D29A42BE4E"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.0:rc4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F8446E87-F5F6-41CA-8201-BAE0F0CA6DD9"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.0:rc5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8E5FB72F-67CE-43CC-83FE-541604D98182"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.0:rc6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3A0A7397-F5F8-4753-82DC-9A11288E696D"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}