CVE-2022-50083

Sažetak

In the Linux kernel, the following vulnerability has been resolved: ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h When adding an xattr to an inode, we must ensure that the inode_size is not less than EXT4_GOOD_OLD_INODE_SIZE + extra_isize + pad. Otherwise, the end position may be greater than the start position, resulting in UAF.

Reference

https://git.kernel.org/stable/c/0e69cf833161b29b2e25dcbf2f2b4e70d75b15cf
https://git.kernel.org/stable/c/179b14152dcb6a24c3415200603aebca70ff13af
https://git.kernel.org/stable/c/214c68423fd632646c68f3ec8b3c2602cf8273f3
https://git.kernel.org/stable/c/2da44a2927a71bff2bc66cefa8cfbd2ace702536
https://git.kernel.org/stable/c/37d82aa78346866552d573e8badc0aa8db8f1eea
https://git.kernel.org/stable/c/4cdc284ffadd6a989f24107ee7f09be43b748fbb
https://git.kernel.org/stable/c/748d17d47687e178f8e38938447fa4636c071c41
https://git.kernel.org/stable/c/e6321fda51e5b4dd7ec295afb84cbf63c2634c7b
https://git.kernel.org/stable/c/f217b1ccb178475192e6a516fab7230f51ddae94

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

18-06-2025 - 13:47

Objavljeno

18-06-2025 - 11:15