In the Linux kernel, the following vulnerability has been resolved: block: Fix wrong offset in bio_truncate() bio_truncate() clears the buffer outside of last block of bdev, however current bio_truncate() is using the wrong offset of page. So it can return the uninitialized data. This happened when both of truncated/corrupted FS and userspace (via bdev) are trying to read the last of bdev. CREATE(Triage):(User=admin) CVE-2022-48747 (https://nvd.nist.gov/vuln/detail/CVE-2022-48747)
