Invalid kfree vulnerability in Linux kernel through 6.2.7 allows for unauthorized replaying of logs in fs/ntfs3/inode.c

Invalid kfree vulnerability in Linux kernel through 6.2.7 allows for unauthorized replaying of logs in fs/ntfs3/inode.c

CVE-2022-48425 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.