CVE-2022-49380

MEDIUM EPSS 15.1%
Published Feb 26, 20251y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Feb 26, 2025 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid f2fs_bug_on() in dec_valid_node_count() As Yanming reported in bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=215897 I have encountered a bug in F2FS file system in kernel v5.17. The kernel should enable CONFIG_KASAN=y and CONFIG_KASAN_INLINE=y. You can reproduce the bug by running the following commands: The kernel message is shown below: kernel BUG at fs/f2fs/f2fs.h:2511! Call Trace: f2fs_remove_inode_page+0x2a2/0x830 f2fs_evict_inode+0x9b7/0x1510 evict+0x282/0x4e0 do_unlinkat+0x33a/0x540 __x64_sys_unlinkat+0x8e/0xd0 do_syscall_64+0x3b/0x90 entry_SYSCALL_64_after_hwframe+0x44/0xae The root cause is: .total_valid_block_count or .total_valid_node_count could fuzzed to zero, then once dec_valid_node_count() was called, it will cause BUG_ON(), this patch fixes to print warning info and set SBI_NEED_FSCK into CP instead of panic.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
15.1% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 5

VendorProductVersionRange
linuxlinux_kernel*≥3.8  –  <5.4.198
linuxlinux_kernel*≥5.5  –  <5.10.121
linuxlinux_kernel*≥5.11  –  <5.15.46
linuxlinux_kernel*≥5.16  –  <5.17.14
linuxlinux_kernel*≥5.18  –  <5.18.3

References 6

  • git.kernel.org https://git.kernel.org/stable/c/2766ddaf45b69252bb8fe526b5b6e56904a9ae7a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4d17e6fe9293d57081ffdc11e1cf313e25e8fd9e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/89d9a48d0cd30429463ea4e37ca83be6773ed5eb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/bce859358d3d5940aa858e40ceee70ee6e76130e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ccffa99ae6a1f44797b57444c6a80382a42928fe
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f8b3c3fcf33105bc1ee7788e3b51b0a1ae42ae53
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/2766ddaf45b69252bb8fe526b5b6e56904a9ae7a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4d17e6fe9293d57081ffdc11e1cf313e25e8fd9e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/89d9a48d0cd30429463ea4e37ca83be6773ed5eb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/bce859358d3d5940aa858e40ceee70ee6e76130e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ccffa99ae6a1f44797b57444c6a80382a42928fe
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f8b3c3fcf33105bc1ee7788e3b51b0a1ae42ae53
    Patch