CVE-2022-24448
Description
An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in the file descriptor.
Predictions
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2022-7683.html
Vendor advisory: alma — https://bugzilla.redhat.com/2062284
Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2022:7683
Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2022-7444.html
Vendor advisory: alma — https://bugzilla.redhat.com/2120175
Vendor advisory: alma — https://bugzilla.redhat.com/2112693
Vendor advisory: alma — https://bugzilla.redhat.com/2096178
Vendor advisory: alma — https://bugzilla.redhat.com/2070220
Vendor advisory: alma — https://bugzilla.redhat.com/2069408
Vendor advisory: alma — https://bugzilla.redhat.com/1946279
Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2022:7444
Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2022-8267.html
Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2022-24448
Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2022:7444
Vendor advisory: suse — https://www.suse.com/security/cve/CVE-2022-24448.html
Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2022:7683
Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2022:8267
Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2022-7933.html
Vendor advisory: alma — https://bugzilla.redhat.com/2129152
Vendor advisory: alma — https://bugzilla.redhat.com/2123695
Vendor advisory: alma — https://bugzilla.redhat.com/2115278
Vendor advisory: alma — https://bugzilla.redhat.com/2115065
Vendor advisory: alma — https://bugzilla.redhat.com/2114878
Vendor advisory: alma — https://bugzilla.redhat.com/2103153
Vendor advisory: alma — https://bugzilla.redhat.com/2103148
Vendor advisory: alma — https://bugzilla.redhat.com/2090241
Vendor advisory: alma — https://bugzilla.redhat.com/2090240
Vendor advisory: alma — https://bugzilla.redhat.com/2090237
Vendor advisory: alma — https://bugzilla.redhat.com/2090226
Vendor advisory: alma — https://bugzilla.redhat.com/2089815
Vendor advisory: alma — https://bugzilla.redhat.com/2088021
Vendor advisory: alma — https://bugzilla.redhat.com/2084479
Vendor advisory: alma — https://bugzilla.redhat.com/2084183
Vendor advisory: alma — https://bugzilla.redhat.com/2084125
Vendor advisory: alma — https://bugzilla.redhat.com/2074208
Vendor advisory: alma — https://bugzilla.redhat.com/2073064
Vendor advisory: alma — https://bugzilla.redhat.com/2071022
Vendor advisory: alma — https://bugzilla.redhat.com/2070205
Vendor advisory: alma — https://bugzilla.redhat.com/2066819
Vendor advisory: alma — https://bugzilla.redhat.com/2066706
Vendor advisory: alma — https://bugzilla.redhat.com/2066614
Vendor advisory: alma — https://bugzilla.redhat.com/2059928
Vendor advisory: alma — https://bugzilla.redhat.com/2058395
Vendor advisory: alma — https://bugzilla.redhat.com/2053632
Vendor advisory: alma — https://bugzilla.redhat.com/2052312
Vendor advisory: alma — https://bugzilla.redhat.com/2051444
Vendor advisory: alma — https://bugzilla.redhat.com/2037386
Vendor advisory: alma — https://bugzilla.redhat.com/1980646
Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2022:7933
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| rhel | 9 | fixed | |
| almalinux | 9 | fixed | kernel-rt-debug-core-5.14.0-162.6.1.rt21.168.el9_1.x86_64.rpm |
| rocky | 8 | fixed | |
| sles | affected | | |
| debian | bookworm | fixed | 5.16.7-1 |
| debian | bullseye | fixed | 5.10.92-2 |
| debian | forky | fixed | 5.16.7-1 |
| debian | sid | fixed | 5.16.7-1 |
| debian | trixie | fixed | 5.16.7-1 |
References
- https://access.redhat.com/errata/RHSA-2022:7933
- https://bugzilla.redhat.com/1980646
- https://bugzilla.redhat.com/2037386
- https://bugzilla.redhat.com/2051444
- https://bugzilla.redhat.com/2052312
- https://bugzilla.redhat.com/2053632
- https://bugzilla.redhat.com/2058395
- https://bugzilla.redhat.com/2059928
- https://bugzilla.redhat.com/2066614
- https://bugzilla.redhat.com/2066706
- https://bugzilla.redhat.com/2066819
- https://bugzilla.redhat.com/2070205
- https://bugzilla.redhat.com/2071022
- https://bugzilla.redhat.com/2073064
- https://bugzilla.redhat.com/2074208
- https://bugzilla.redhat.com/2084125
- https://bugzilla.redhat.com/2084183
- https://bugzilla.redhat.com/2084479
- https://bugzilla.redhat.com/2088021
- https://bugzilla.redhat.com/2089815
- https://bugzilla.redhat.com/2090226
- https://bugzilla.redhat.com/2090237
- https://bugzilla.redhat.com/2090240
- https://bugzilla.redhat.com/2090241
- https://bugzilla.redhat.com/2103148
Verify integrity in audit chain (admin only). AS-IS.