Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2022-50485

Опубликовано: 04 окт. 2025
Источник: nvd
CVSS3: 5.5
EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved:

ext4: add EXT4_IGET_BAD flag to prevent unexpected bad inode

There are many places that will get unhappy (and crash) when ext4_iget() returns a bad inode. However, if iget the boot loader inode, allows a bad inode to be returned, because the inode may not be initialized. This mechanism can be used to bypass some checks and cause panic. To solve this problem, we add a special iget flag EXT4_IGET_BAD. Only with this flag we'd be returning bad inode from ext4_iget(), otherwise we always return the error code if the inode is bad inode.(suggested by Jan Kara)

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 3.10 (включая) до 5.4.229 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 5.5 (включая) до 5.10.163 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 5.11 (включая) до 5.15.87 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 5.16 (включая) до 6.0.18 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 6.1 (включая) до 6.1.4 (исключая)

EPSS

Процентиль: 11%
0.00036
Низкий

5.5 Medium

CVSS3

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

ubuntu логотип

CVE-2022-50485

CVSS3: 5.5
ubuntu
4 месяца назад

In the Linux kernel, the following vulnerability has been resolved: ext4: add EXT4_IGET_BAD flag to prevent unexpected bad inode There are many places that will get unhappy (and crash) when ext4_iget() returns a bad inode. However, if iget the boot loader inode, allows a bad inode to be returned, because the inode may not be initialized. This mechanism can be used to bypass some checks and cause panic. To solve this problem, we add a special iget flag EXT4_IGET_BAD. Only with this flag we'd be returning bad inode from ext4_iget(), otherwise we always return the error code if the inode is bad inode.(suggested by Jan Kara)

debian логотип

CVE-2022-50485

CVSS3: 5.5
debian
4 месяца назад

In the Linux kernel, the following vulnerability has been resolved: e ...

github логотип

GHSA-7gg4-pr88-8256

CVSS3: 5.5
github
4 месяца назад

In the Linux kernel, the following vulnerability has been resolved: ext4: add EXT4_IGET_BAD flag to prevent unexpected bad inode There are many places that will get unhappy (and crash) when ext4_iget() returns a bad inode. However, if iget the boot loader inode, allows a bad inode to be returned, because the inode may not be initialized. This mechanism can be used to bypass some checks and cause panic. To solve this problem, we add a special iget flag EXT4_IGET_BAD. Only with this flag we'd be returning bad inode from ext4_iget(), otherwise we always return the error code if the inode is bad inode.(suggested by Jan Kara)

suse-cvrf логотип

SUSE-SU-2025:4189-1

suse-cvrf
3 месяца назад

Security update for the Linux Kernel

suse-cvrf логотип

SUSE-SU-2025:4111-1

suse-cvrf
3 месяца назад

Security update for the Linux Kernel

EPSS

Процентиль: 11%
0.00036
Низкий

5.5 Medium

CVSS3

Дефекты

NVD-CWE-noinfo