CVE-2022-50485

MEDIUM EPSS 5.0%
Published Oct 4, 2025 (9mo ago) · Modified Jun 17, 2026 (2w ago)
5.5 CVSS 3.1
Medium

Description

In the Linux kernel, the following vulnerability has been resolved:

ext4: add EXT4_IGET_BAD flag to prevent unexpected bad inode

There are many places that will get unhappy (and crash) when ext4_iget() returns a bad inode. However, if we iget the boot loader inode, a bad inode is allowed to be returned, because the inode may not be initialized. This mechanism can be used to bypass some checks and cause a panic.

To solve this problem, we add a special iget flag EXT4_IGET_BAD. Only with this flag we'd be returning a bad inode from ext4_iget(), otherwise we always return the error code if the inode is a bad inode. (suggested by Jan Kara)

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
5.0% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 5

Vendor  Product       Version  Range
linux   linux_kernel  *        ≥3.10 – <5.4.229
linux   linux_kernel  *        ≥5.5 – <5.10.163
linux   linux_kernel  *        ≥5.11 – <5.15.87
linux   linux_kernel  *        ≥5.16 – <6.0.18
linux   linux_kernel  *        ≥6.1 – <6.1.4

References 6

  • git.kernel.org https://git.kernel.org/stable/c/2142dfa1de61e25b83198af0308ec7689cca25d3
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/488a5c2bf7543c3cd3f07a025f2e62be91599430
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/63b1e9bccb71fe7d7e3ddc9877dbdc85e5d2d023
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c0a738875c2e9c8c3366d792f8bf7fe508d5e5a5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f725b290ed79ad61e4f721fee95a287892d8b1ad
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f7e6b5548f915d7aa435d0764d41eacfb49c6e09
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/2142dfa1de61e25b83198af0308ec7689cca25d3
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/488a5c2bf7543c3cd3f07a025f2e62be91599430
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/63b1e9bccb71fe7d7e3ddc9877dbdc85e5d2d023
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c0a738875c2e9c8c3366d792f8bf7fe508d5e5a5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f725b290ed79ad61e4f721fee95a287892d8b1ad
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f7e6b5548f915d7aa435d0764d41eacfb49c6e09
    Patch