CVE-2022-50746
NONE EPSS 10.4%
Published Dec 24, 20256mo ago · Modified Jun 17, 20261w ago
Published Dec 24, 2025 6mo ago
Last Modified Jun 17, 2026 1w ago
Description
In the Linux kernel, the following vulnerability has been resolved: erofs: validate the extent length for uncompressed pclusters syzkaller reported a KASAN use-after-free: https://syzkaller.appspot.com/bug?extid=2ae90e873e97f1faf6f2 The referenced fuzzed image actually has two issues: - m_pa == 0 as a non-inlined pcluster; - The logical length is longer than its physical length. The first issue has already been addressed. This patch addresses the second issue by checking the extent length validity.
Threat Intelligence
EPSS Exploit Probability
10.4% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
References 3
- git.kernel.org https://git.kernel.org/stable/c/40c73b2ea9611b5388807be406f30f5e4e1162da
- git.kernel.org https://git.kernel.org/stable/c/c505feba4c0d76084e56ec498ce819f02a7043ae
- git.kernel.org https://git.kernel.org/stable/c/dc8b6bd587b13b85aff6e9d36cdfcd3f955cac9e
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.