CVE-2022-50328

Опубликовано: 15 сент. 2025

Источник: redhat

CVSS3: 5.1

EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved: jbd2: fix potential use-after-free in jbd2_fc_wait_bufs In 'jbd2_fc_wait_bufs' use 'bh' after put buffer head reference count which may lead to use-after-free. So judge buffer if uptodate before put buffer head reference count.

Отчет

This issue is a use-after-free in the ext4 journaling subsystem (jbd2 fast commit path). An object (bh) was referenced after its refcount was dropped, which could result in a kernel crash or system instability. The realistic impact is a local denial of service when writing to an ext4 filesystem with fast commit enabled. The fast commit feature in ext4 is disabled by default, and it must be explicitly enabled by the system administrator (before this issue could be triggered).

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 10	kernel	Not affected
Red Hat Enterprise Linux 6	kernel	Out of support scope
Red Hat Enterprise Linux 7	kernel	Fix deferred
Red Hat Enterprise Linux 7	kernel-rt	Fix deferred
Red Hat Enterprise Linux 8	kernel	Fix deferred
Red Hat Enterprise Linux 8	kernel-rt	Fix deferred
Red Hat Enterprise Linux 9	kernel	Fix deferred
Red Hat Enterprise Linux 9	kernel-rt	Fix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-416

https://bugzilla.redhat.com/show_bug.cgi?id=2395328kernel: jbd2: fix potential use-after-free in jbd2_fc_wait_bufs

EPSS

Процентиль: 5%

0.00023

Низкий

5.1 Medium

CVSS3

Связанные уязвимости

CVE-2022-50328

CVSS3: 7.8

ubuntu

5 месяцев назад

CVE-2022-50328

CVSS3: 7.8

nvd

5 месяцев назад

CVE-2022-50328

CVSS3: 7.8

debian

5 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: j ...

GHSA-72g6-vhcp-944p

CVSS3: 7.8

github

5 месяцев назад

SUSE-SU-2025:03628-1

suse-cvrf

4 месяца назад

Security update for the Linux Kernel

EPSS

Процентиль: 5%

0.00023

Низкий

5.1 Medium

CVSS3