CVE-2022-49739

MEDIUM EPSS 9.2%
Published Mar 27, 20251y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Mar 27, 2025 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: gfs2: Always check inode size of inline inodes Check if the inode size of stuffed (inline) inodes is within the allowed range when reading inodes from disk (gfs2_dinode_in()). This prevents us from on-disk corruption. The two checks in stuffed_readpage() and gfs2_unstuffer_page() that just truncate inline data to the maximum allowed size don't actually make sense, and they can be removed now as well.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
9.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 5

VendorProductVersionRange
linuxlinux_kernel* <4.19.280
linuxlinux_kernel*≥4.20  –  <5.4.240
linuxlinux_kernel*≥5.5  –  <5.10.177
linuxlinux_kernel*≥5.11  –  <5.15.93
linuxlinux_kernel*≥5.16  –  <6.1.11

References 6

  • git.kernel.org https://git.kernel.org/stable/c/45df749f827c286adbc951f2a4865b67f0442ba9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/46c9088cabd4d0469fdb61ac2a9c5003057fe94d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4d4cb76636134bf9a0c9c3432dae936f99954586
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/70376c7ff31221f1d21db5611d8209e677781d3a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7c414f6f06e9a3934901b6edc3177ae5a1e07094
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d458a0984429c2d47e60254f5bc4119cbafe83a2
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/45df749f827c286adbc951f2a4865b67f0442ba9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/46c9088cabd4d0469fdb61ac2a9c5003057fe94d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4d4cb76636134bf9a0c9c3432dae936f99954586
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/70376c7ff31221f1d21db5611d8209e677781d3a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7c414f6f06e9a3934901b6edc3177ae5a1e07094
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d458a0984429c2d47e60254f5bc4119cbafe83a2
    Patch