CVE-2022-50083 Information

Jun 19, 2025 cve

Description

In the Linux kernel the following vulnerability has been resolved:

ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h

When adding an xattr to an inode we must ensure that the inode_size is not less than EXT4_GOOD_OLD_INODE_SIZE + extra_isize + pad. Otherwise the end position may be greater than the start position resulting in UAF.

Reference

https://git.kernel.org/stable/c/0e69cf833161b29b2e25dcbf2f2b4e70d75b15cf https://git.kernel.org/stable/c/179b14152dcb6a24c3415200603aebca70ff13af https://git.kernel.org/stable/c/214c68423fd632646c68f3ec8b3c2602cf8273f3 https://git.kernel.org/stable/c/2da44a2927a71bff2bc66cefa8cfbd2ace702536 https://git.kernel.org/stable/c/37d82aa78346866552d573e8badc0aa8db8f1eea https://git.kernel.org/stable/c/4cdc284ffadd6a989f24107ee7f09be43b748fbb https://git.kernel.org/stable/c/748d17d47687e178f8e38938447fa4636c071c41 https://git.kernel.org/stable/c/e6321fda51e5b4dd7ec295afb84cbf63c2634c7b https://git.kernel.org/stable/c/f217b1ccb178475192e6a516fab7230f51ddae94

CNNVD-202506-2372 (Published: 2025-06-18)

Share on: