CVE-2022-50313
MEDIUM EPSS 4.2%
5.5 CVSS 3.1
Published Sep 15, 2025 9mo ago
Last Modified Jun 17, 2026 2w ago
Description
In the Linux kernel, the following vulnerability has been resolved:

erofs: fix order >= MAX_ORDER warning due to crafted negative i_size

As syzbot reported [1], the root cause is that i_size field is a signed type, and negative i_size is also less than EROFS_BLKSIZ. As a consequence, it's handled as fast symlink unexpectedly.

Let's fall back to the generic path to deal with such unusual i_size.

[1] https://lore.kernel.org/r/000000000000ac8efa05e7feaa1f@google.com
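The signed comparison described above, modelled in user-space C as an added example (not the kernel's code or the patch itself). The function names, the 4096-byte EROFS_BLKSIZ value and the "i_size + 1" buffer sizing on the fast path are assumptions made for this model.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define EROFS_BLKSIZ 4096            /* assumed block size for this model */

enum symlink_path { FAST_SYMLINK, GENERIC_SYMLINK };

/* The in-memory size is signed; a large raw value read from an image
 * becomes negative once it is reinterpreted. */
int64_t size_from_disk(uint64_t raw)
{
    int64_t s;
    memcpy(&s, &raw, sizeof s);
    return s;
}

/* Before the fix: only the upper bound is tested, so a negative size is
 * "less than EROFS_BLKSIZ" and is treated as a fast symlink. */
enum symlink_path pick_path_unpatched(int inline_layout, int64_t i_size)
{
    if (!inline_layout || i_size >= EROFS_BLKSIZ)
        return GENERIC_SYMLINK;
    return FAST_SYMLINK;
}

/* After the fix: a negative size also falls back to the generic path. */
enum symlink_path pick_path_patched(int inline_layout, int64_t i_size)
{
    if (!inline_layout || i_size >= EROFS_BLKSIZ || i_size < 0)
        return GENERIC_SYMLINK;
    return FAST_SYMLINK;
}

/* Assumption: the fast path sizes a buffer as i_size + 1. With a negative
 * i_size the request becomes enormous once converted to size_t, which is
 * the kind of request an allocator order warning flags. */
size_t fast_path_alloc_size(int64_t i_size)
{
    return (size_t)(i_size + 1);
}

int main(void)
{
    int64_t bad = size_from_disk(0xFFFFFFFFFFFFFF00ULL);   /* constructed value */
    printf("i_size=%lld unpatched=%d patched=%d alloc=%zu\n", (long long)bad,
           pick_path_unpatched(1, bad), pick_path_patched(1, bad),
           fast_path_alloc_size(bad));
    return 0;
}
```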
CVSS Details
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High
Threat Intelligence
EPSS Exploit Probability
4.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Affected Products 5
References 6
- git.kernel.org https://git.kernel.org/stable/c/0ab621fcdff1a58ff4de51a8590fa92a0ecd34be
- git.kernel.org https://git.kernel.org/stable/c/17a0cdbd7b0cf0fc0d7ca4187a67f8f1c18c291f
- git.kernel.org https://git.kernel.org/stable/c/1dd73601a1cba37a0ed5f89a8662c90191df5873
- git.kernel.org https://git.kernel.org/stable/c/6235fb899b25fd287d5e42635ff82196395708cc
- git.kernel.org https://git.kernel.org/stable/c/acc2f40b980c61a9178b72cdedd150b829064997
- git.kernel.org https://git.kernel.org/stable/c/b6c8330f5b0f22149957a2e4977fd0f01a9db7cd
Remediation
- git.kernel.org https://git.kernel.org/stable/c/0ab621fcdff1a58ff4de51a8590fa92a0ecd34be
- git.kernel.org https://git.kernel.org/stable/c/17a0cdbd7b0cf0fc0d7ca4187a67f8f1c18c291f
- git.kernel.org https://git.kernel.org/stable/c/1dd73601a1cba37a0ed5f89a8662c90191df5873
- git.kernel.org https://git.kernel.org/stable/c/6235fb899b25fd287d5e42635ff82196395708cc
- git.kernel.org https://git.kernel.org/stable/c/acc2f40b980c61a9178b72cdedd150b829064997
- git.kernel.org https://git.kernel.org/stable/c/b6c8330f5b0f22149957a2e4977fd0f01a9db7cd