16 matches found
EUVD-2022-51121
Malicious code in bioql PyPI...
USN-6339-4 linux-intel-iotg vulnerabilities
It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service system crash. CVE-2022-48425...
USN-6351-1 linux-gke, linux-gkeop vulnerabilities
It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service system crash. CVE-2022-48425...
Important: kernel-livepatch-6.1.29-47.49
Issue Overview: In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs. CVE-2022-48425 Affected Packages: kernel-livepatch-6.1.29-47.49 Issue Correction: Please ensure you have live patching enabled. Run dnf update...
MGASA-2023-0201 Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.15.117 and fixes atleast the following security issues: In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs CVE-2022-48425. An out-of-bounds memory access flaw was found in...
In the Linux kernel through 6.2.7 fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs.
...
SUSE CVE-2022-48425
In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs...
CVE-2022-48425
In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs...
CVE-2022-48425
In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs...
CVE-2022-48425
In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs...
Code injection
In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs...
UBUNTU-CVE-2022-48425
In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs...
CVE-2022-48425
In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs...
CVE-2022-48425
In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs...
CVE-2022-48425
In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs...
CVE-2022-48425
CVE-2022-48425 affects the Linux kernel up to 6.2.7, specifically the NTFS3 inode.c path. The issue is an invalid kfree introduced by not validating MFT flags before replaying logs, as described in the initial CVE entry. Consequences are consistent with the CVSS high scores listed in the document...