CVE-2022-50845
ext4: fix inode leak in ext4_xattr_inode_create() on an error path
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved: ext4: fix inode leak in ext4_xattr_inode_create() on an error path There is issue as follows when do setxattr with inject fault: [localhost]# fsck.ext4 -fn /dev/sda
e2fsck 1.46.6-rc1 (12-Sep-2022)
Pass 1: Checking inodes, blocks, and sizes
Pass 2: Checking directory structure
Pass 3: Checking directory connectivity
Pass 4: Checking reference counts
Unattached zero-length inode 15. Clear? no Unattached inode 15
Connect to /lost+found? no Pass 5: Checking group summary information /dev/sda: ********** WARNING: Filesystem still has errors ********** /dev/sda: 15/655360 files (0.0% non-contiguous), 66755/2621440 blocks This occurs in 'ext4_xattr_inode_create()'. If 'ext4_mark_inode_dirty()'
fails, dropping i_nlink of the inode is needed. Or will lead to inode leak.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2025-12-30 CVE Reserved
- 2025-12-30 CVE Published
- 2026-01-02 CVE Updated
- 2026-01-05 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| https://git.kernel.org/stable/c/bd3b963b273e247e13979f98812a6e4979b5c1e4 | Vuln. Introduced |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.13 < 4.14.303 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.13 < 4.14.303" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.13 < 4.19.270 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.13 < 4.19.270" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.13 < 5.4.229 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.13 < 5.4.229" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.13 < 5.10.163 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.13 < 5.10.163" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.13 < 5.15.87 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.13 < 5.15.87" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.13 < 6.0.18 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.13 < 6.0.18" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.13 < 6.1.4 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.13 < 6.1.4" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.13 < 6.2 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.13 < 6.2" | en |
Affected
| ||||||