CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49364 – f2fs: fix to clear dirty inode in f2fs_evict_inode()
https://notcve.org/view.php?id=CVE-2022-49364
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to clear dirty inode in f2fs_evict_inode() As Yanming reported in bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=215904 The kernel message is shown below: kernel BUG at fs/f2fs/inode.c:825! Call Trace: evict+0x282/0x4e0 __dentry_kill+0x2b2/0x4d0 shrink_dentry_list+0x17c/0x4f0 shrink_dcache_parent+0x143/0x1e0 do_one_tree+0x9/0x30 shrink_dcache_for_umount+0x51/0x120 generic_shutdown_super+0x5c/0x3a0 kill_block_super+0x90/0xd0... • https://git.kernel.org/stable/c/54c116615c99e22aa08aa950757ed726e2f60821 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-49363 – f2fs: fix to do sanity check on block address in f2fs_do_zero_range()
https://notcve.org/view.php?id=CVE-2022-49363
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on block address in f2fs_do_zero_range() As Yanming reported in bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=215894 I have encountered a bug in F2FS file system in kernel v5.17. I have uploaded the system call sequence as case.c, and a fuzzed image can be found in google net disk The kernel should enable CONFIG_KASAN=y and CONFIG_KASAN_INLINE=y. You can reproduce the bug by running the following command... • https://git.kernel.org/stable/c/7361c9f2bd6a8f0cbb41cdea9aff04765ff23f67 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49361 – f2fs: fix to do sanity check for inline inode
https://notcve.org/view.php?id=CVE-2022-49361
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check for inline inode Yanming reported a kernel bug in Bugzilla kernel [1], which can be reproduced. The bug message is: The kernel message is shown below: kernel BUG at fs/inode.c:611! Call Trace: evict+0x282/0x4e0 __dentry_kill+0x2b2/0x4d0 dput+0x2dd/0x720 do_renameat2+0x596/0x970 __x64_sys_rename+0x78/0x90 do_syscall_64+0x3b/0x90 [1] https://bugzilla.kernel.org/show_bug.cgi?id=215895 The bug is due to fuzzed inode... • https://git.kernel.org/stable/c/efdefbe8b7564602ab446474788225a1f2a323b5 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49360 – f2fs: fix to do sanity check on total_data_blocks
https://notcve.org/view.php?id=CVE-2022-49360
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on total_data_blocks As Yanming reported in bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=215916 The kernel message is shown below: kernel BUG at fs/f2fs/segment.c:2560! Call Trace: allocate_segment_by_default+0x228/0x440 f2fs_allocate_data_block+0x13d1/0x31f0 do_write_page+0x18d/0x710 f2fs_outplace_write_data+0x151/0x250 f2fs_do_write_data_page+0xef9/0x1980 move_data_page+0x6af/0xbc0 do_garbage_collect+... • https://git.kernel.org/stable/c/ef221b738b26d8c9f7e7967f4586db2dd3bd5288 •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49349 – ext4: fix use-after-free in ext4_rename_dir_prepare
https://notcve.org/view.php?id=CVE-2022-49349
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free in ext4_rename_dir_prepare We got issue as follows: EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue ext4_get_first_dir_block: bh->b_data=0xffff88810bee6000 len=34478 ext4_get_first_dir_block: *parent_de=0xffff88810beee6ae bh->b_data=0xffff88810bee6000 ext4_rename_dir_prepare: [1] parent_de=0xffff88810beee6ae ================================================================== BUG: KASAN: us... • https://git.kernel.org/stable/c/1a3a15bf6f9963d755270cbdb282863b84839195 • CWE-416: Use After Free •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49347 – ext4: fix bug_on in ext4_writepages
https://notcve.org/view.php?id=CVE-2022-49347
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug_on in ext4_writepages we got issue as follows: EXT4-fs error (device loop0): ext4_mb_generate_buddy:1141: group 0, block bitmap and bg descriptor inconsistent: 25 vs 31513 free cls ------------[ cut here ]------------ kernel BUG at fs/ext4/inode.c:2708! invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI CPU: 2 PID: 2147 Comm: rep Not tainted 5.18.0-rc2-next-20220413+ #155 RIP: 0010:ext4_writepages+0x1977/0x1c10 RSP: 0018:ffff8881... • https://git.kernel.org/stable/c/19918ec7717d87d5ab825884a46b26b21375d7ce •
CVSS: 5.4EPSS: 0%CPEs: 17EXPL: 0CVE-2022-49344 – af_unix: Fix a data-race in unix_dgram_peer_wake_me().
https://notcve.org/view.php?id=CVE-2022-49344
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix a data-race in unix_dgram_peer_wake_me(). unix_dgram_poll() calls unix_dgram_peer_wake_me() without `other`'s lock held and check if its receive queue is full. Here we need to use unix_recvq_full_lockless() instead of unix_recvq_full(), otherwise KCSAN will report a data-race. In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix a data-race in unix_dgram_peer_wake_me(). unix_dgram_poll() calls unix_d... • https://git.kernel.org/stable/c/7d267278a9ece963d77eefec61630223fce08c6c • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49343 – ext4: avoid cycles in directory h-tree
https://notcve.org/view.php?id=CVE-2022-49343
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: avoid cycles in directory h-tree A maliciously corrupted filesystem can contain cycles in the h-tree stored inside a directory. That can easily lead to the kernel corrupting tree nodes that were already verified under its hands while doing a node split and consequently accessing unallocated memory. Fix the problem by verifying traversed block numbers are unique. In the Linux kernel, the following vulnerability has been resolved: ext4:... • https://git.kernel.org/stable/c/24b8206fec1db21d7e82f21f0b2ff5e5672cf5b3 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49337 – ocfs2: dlmfs: fix error handling of user_dlm_destroy_lock
https://notcve.org/view.php?id=CVE-2022-49337
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ocfs2: dlmfs: fix error handling of user_dlm_destroy_lock When user_dlm_destroy_lock failed, it didn't clean up the flags it set before exit. For USER_LOCK_IN_TEARDOWN, if this function fails because of lock is still in used, next time when unlink invokes this function, it will return succeed, and then unlink will remove inode and dentry if lock is not in used(file closed), but the dlm lock is still linked in dlm lock resource, then when ba... • https://git.kernel.org/stable/c/1434cd71ad9f3a6beda3036972983b6c4869207c •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49335 – drm/amdgpu/cs: make commands with 0 chunks illegal behaviour.
https://notcve.org/view.php?id=CVE-2022-49335
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/cs: make commands with 0 chunks illegal behaviour. Submitting a cs with 0 chunks, causes an oops later, found trying to execute the wrong userspace driver. MESA_LOADER_DRIVER_OVERRIDE=v3d glxinfo [172536.665184] BUG: kernel NULL pointer dereference, address: 00000000000001d8 [172536.665188] #PF: supervisor read access in kernel mode [172536.665189] #PF: error_code(0x0000) - not-present page [172536.665191] PGD 6712a0067 P4D 6712a... • https://git.kernel.org/stable/c/8189f44270db1be78169e11eec51a3eeb980bc63 •