{"id":"CVE-2022-24448","details":"An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in the file descriptor.","modified":"2026-03-15T22:44:53.648588Z","published":"2022-02-04T20:15:08.723Z","related":["ALSA-2022:7444","ALSA-2022:7683","ALSA-2022:7933","ALSA-2022:8267","MGASA-2022-0062","MGASA-2022-0063","SUSE-SU-2022:0555-1","SUSE-SU-2022:0756-1","SUSE-SU-2022:0757-1","SUSE-SU-2022:0759-1","SUSE-SU-2022:0762-1","SUSE-SU-2022:0765-1","SUSE-SU-2022:0766-1","SUSE-SU-2022:0767-1","SUSE-SU-2022:0768-1","SUSE-SU-2022:1037-1","SUSE-SU-2022:1038-1","SUSE-SU-2022:1039-1","SUSE-SU-2022:1257-1","SUSE-SU-2022:2079-1","SUSE-SU-2022:2080-1","openSUSE-SU-2022:0768-1","openSUSE-SU-2022:1037-1","openSUSE-SU-2022:1039-1"],"references":[{"type":"WEB","url":"https://lore.kernel.org/all/67d6a536-9027-1928-99b6-af512a36cd1a%40huawei.com/T/"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"},{"type":"ADVISORY","url":"https://www.debian.org/security/2022/dsa-5092"},{"type":"ADVISORY","url":"https://www.debian.org/security/2022/dsa-5096"},{"type":"FIX","url":"https://github.com/torvalds/linux/commit/ac795161c93699d600db16c1a8cc23a65a1eceaf"},{"type":"FIX","url":"https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ac795161c93699d600db16c1a8cc23a65a1eceaf"},{"type":"FIX","url":"https://github.com/torvalds/linux/commit/ab0fc21bc7105b54bafd85bd8b82742f9e68898a"},{"type":"FIX","url":"https://www.spinics.net/lists/stable/msg531976.html"},{"type":"FIX","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.5"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-24448.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"5.16.5"}]},{"events":[{"introduced":"0"},{"last_affected":"9.0"}]},{"events":[{"introduced":"0"},{"last_affected":"10.0"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}]}