CVE-2022-0850Sensitive Information Exposure in Kernel

CWE-200Sensitive Information Exposure11 documents9 sources
Severity
7.1HIGHNVD
OSV6.7
EPSS
0.0%
top 93.16%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
Linux KernelDebian LinuxPaloalto Pan-os+3 more
Timeline
PublishedAug 29
Latest updateFeb 14

Description

A vulnerability was found in linux kernel, where an information leak occurs via ext4_extent_header to userspace.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:HExploitability: 1.8 | Impact: 5.2

Affected Packages9 packages

NVDlinux/linux_kernel4.54.9.276+7
Debianlinux/linux_kernel< 5.10.70-1+3
Ubuntulinux/linux_kernel< 4.4.0-234.268
CVEListV5linux/linux_kernelFixed in kernel v5.14 rc1
debiandebian/linux< linux 5.14.6-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

4
OSV
CVE-2022-0850: In multiple functions of extents2023-02-01
OSV
linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities2022-09-30
GHSA
GHSA-7j2j-7v7j-fvhc: A vulnerability was found in linux kernel, where an information leak occurs via ext4_extent_header to userspace2022-08-29
OSV
CVE-2022-0850: A vulnerability was found in linux kernel, where an information leak occurs via ext4_extent_header to userspace2022-08-29

📋Vendor Advisories

6
Palo Alto
PAN-SA-2024-0001 Informational Bulletin: Impact of OSS CVEs in PAN-OS2024-02-14
Android
CVE-2022-0850: ext42023-02-01
Ubuntu
Linux kernel vulnerabilities2022-09-30
Microsoft
A vulnerability was found in linux kernel where an information leak occurs via ext4_extent_header to userspace.2022-08-09
Debian
CVE-2022-0850: linux - A vulnerability was found in linux kernel, where an information leak occurs via ...2022
CVE-2022-0850 — Sensitive Information Exposure | cvebase