CVE-2022-0850

Published Aug 29, 2022

Last updated a year ago

CVSS high 7.1

Overview

Description: A vulnerability was found in linux kernel, where an information leak occurs via ext4_extent_header to userspace.
Source: secalert@redhat.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.1
Impact score: 5.2
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Severity: HIGH

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo
secalert@redhat.com: CWE-200

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "10282F37-B17F-4974-967E-FCD5ABC9AB8E",
            "versionEndExcluding": "4.4.276"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C79FFC06-9530-4CD7-B651-01D786CC925E",
            "versionEndExcluding": "4.9.276",
            "versionStartIncluding": "4.5"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FB359B2E-773D-4D52-9915-E07A47ABE72B",
            "versionEndExcluding": "4.14.240",
            "versionStartIncluding": "4.10"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B93AEDB9-C52B-4222-8F9A-882DAD9EF5B2",
            "versionEndExcluding": "4.19.198",
            "versionStartIncluding": "4.15"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E5966F80-A617-4D4E-BD72-700667B23F59",
            "versionEndExcluding": "5.4.132",
            "versionStartIncluding": "4.20"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A75FED7E-35B9-47D5-BAC3-2E805AFB1EAC",
            "versionEndExcluding": "5.10.50",
            "versionStartIncluding": "5.5.0"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7D020659-CECE-4B3C-A79E-294AB144C598",
            "versionEndExcluding": "5.12.17",
            "versionStartIncluding": "5.11"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "471B868E-37A7-4831-8A1B-85BB20D2F990",
            "versionEndExcluding": "5.13.2",
            "versionStartIncluding": "5.13"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References