CVE - CVE-2022-48757

CVE-ID
CVE-2022-48757	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: net: fix information leakage in /proc/net/ptype In one net namespace, after creating a packet socket without binding it to a device, users in other net namespaces can observe the new `packet_type` added by this packet socket by reading `/proc/net/ptype` file. This is minor information leakage as packet socket is namespace aware. Add a net pointer in `packet_type` to keep the net namespace of of corresponding packet socket. In `ptype_seq_show`, this net pointer must be checked when it is not NULL.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/47934e06b65637c88a762d9c98329ae6e3238888 URL:https://git.kernel.org/stable/c/47934e06b65637c88a762d9c98329ae6e3238888 MISC:https://git.kernel.org/stable/c/839ec7039513a4f84bfbaff953a9393471176bee URL:https://git.kernel.org/stable/c/839ec7039513a4f84bfbaff953a9393471176bee MISC:https://git.kernel.org/stable/c/8f88c78d24f6f346919007cd459fd7e51a8c7779 URL:https://git.kernel.org/stable/c/8f88c78d24f6f346919007cd459fd7e51a8c7779 MISC:https://git.kernel.org/stable/c/b67ad6170c0ea87391bb253f35d1f78857736e54 URL:https://git.kernel.org/stable/c/b67ad6170c0ea87391bb253f35d1f78857736e54 MISC:https://git.kernel.org/stable/c/be1ca30331c7923c6f376610c1bd6059be9b1908 URL:https://git.kernel.org/stable/c/be1ca30331c7923c6f376610c1bd6059be9b1908 MISC:https://git.kernel.org/stable/c/c38023032a598ec6263e008d62c7f02def72d5c7 URL:https://git.kernel.org/stable/c/c38023032a598ec6263e008d62c7f02def72d5c7 MISC:https://git.kernel.org/stable/c/db044d97460ea792110eb8b971e82569ded536c6 URL:https://git.kernel.org/stable/c/db044d97460ea792110eb8b971e82569ded536c6 MISC:https://git.kernel.org/stable/c/e372ecd455b6ebc7720f52bf4b5f5d44d02f2092 URL:https://git.kernel.org/stable/c/e372ecd455b6ebc7720f52bf4b5f5d44d02f2092 MISC:https://git.kernel.org/stable/c/e43669c77cb3a742b7d84ecdc7c68c4167a7709b URL:https://git.kernel.org/stable/c/e43669c77cb3a742b7d84ecdc7c68c4167a7709b
Assigning CNA
kernel.org
Date Record Created
20240620	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20240620)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)