Alpaquita LinuxStreamSecurity Advisory
Search Cve

CVE-2022-24448

Published: February 4, 2022Last modified: August 20, 2024

Description

An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in the file descriptor.

Severity score breakdown

ParameterValue
Base score3.3
Attack VectorLOCAL
Attack complexityLOW
Privileges requiredLOW
User interactionNONE
ScopeUNCHANGED
ConfidentialityLOW
Integrity impactNONE
Availability impactNONE
VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Status

ProductReleasePackageStatus
Alpaquita LinuxStreamlinux-ltsNot affected (6.1.33-r0)

References

ON THIS PAGE