Improper Handling of Exceptional Conditions Affecting kernel-devel-matched package, versions <0:5.14.0-162.6.1.el9_1
Threat Intelligence
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-ORACLE9-KERNELDEVELMATCHED-3138294
- published 12 Apr 2022
- disclosed 4 Feb 2022
How to fix?
Upgrade Oracle:9
kernel-devel-matched
to version 0:5.14.0-162.6.1.el9_1 or higher.
This issue was patched in ELSA-2022-8267
.
NVD Description
Note: Versions mentioned in the description apply only to the upstream kernel-devel-matched
package and not the kernel-devel-matched
package as distributed by Oracle
.
See How to fix?
for Oracle:9
relevant fixed versions and status.
An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in the file descriptor.
References
- https://linux.oracle.com/cve/CVE-2022-24448.html
- https://linux.oracle.com/errata/ELSA-2022-7683.html
- https://linux.oracle.com/errata/ELSA-2022-8267.html
- https://linux.oracle.com/errata/ELSA-2022-9273.html
- https://linux.oracle.com/errata/ELSA-2022-9274.html
- https://linux.oracle.com/errata/ELSA-2022-9313.html
- https://linux.oracle.com/errata/ELSA-2022-9314.html
- https://linux.oracle.com/errata/ELSA-2024-12571.html
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.5
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ac795161c93699d600db16c1a8cc23a65a1eceaf
- https://github.com/torvalds/linux/commit/ab0fc21bc7105b54bafd85bd8b82742f9e68898a
- https://github.com/torvalds/linux/commit/ac795161c93699d600db16c1a8cc23a65a1eceaf
- https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html
- https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html
- https://lore.kernel.org/all/67d6a536-9027-1928-99b6-af512a36cd1a@huawei.com/T/
- https://www.debian.org/security/2022/dsa-5092
- https://www.debian.org/security/2022/dsa-5096
- https://www.spinics.net/lists/stable/msg531976.html
- https://lore.kernel.org/all/67d6a536-9027-1928-99b6-af512a36cd1a%40huawei.com/T/