CVE-2022-50747

NONE EPSS 14.9%
Published Dec 24, 20256mo ago · Modified Jun 17, 20261w ago
Find Similar
Published Dec 24, 2025 6mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: hfs: Fix OOB Write in hfs_asc2mac Syzbot reported a OOB Write bug: loop0: detected capacity change from 0 to 64 ================================================================== BUG: KASAN: slab-out-of-bounds in hfs_asc2mac+0x467/0x9a0 fs/hfs/trans.c:133 Write of size 1 at addr ffff88801848314e by task syz-executor391/3632 Call Trace: <TASK> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x1b1/0x28e lib/dump_stack.c:106 print_address_description+0x74/0x340 mm/kasan/report.c:284 print_report+0x107/0x1f0 mm/kasan/report.c:395 kasan_report+0xcd/0x100 mm/kasan/report.c:495 hfs_asc2mac+0x467/0x9a0 fs/hfs/trans.c:133 hfs_cat_build_key+0x92/0x170 fs/hfs/catalog.c:28 hfs_lookup+0x1ab/0x2c0 fs/hfs/dir.c:31 lookup_open fs/namei.c:3391 [inline] open_last_lookups fs/namei.c:3481 [inline] path_openat+0x10e6/0x2df0 fs/namei.c:3710 do_filp_open+0x264/0x4f0 fs/namei.c:3740 If in->len is much larger than HFS_NAMELEN(31) which is the maximum length of an HFS filename, a OOB write could occur in hfs_asc2mac(). In that case, when the dst reaches the boundary, the srclen is still greater than 0, which causes a OOB write. Fix this by adding a check on dstlen in while() before writing to dst address.

Threat Intelligence

EPSS Exploit Probability
14.9% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

References 9

  • git.kernel.org https://git.kernel.org/stable/c/6a95b17e4d4cd2d8278559f930b447f8c9c8cff9
  • git.kernel.org https://git.kernel.org/stable/c/7af9cb8cbb81308ce4b06cc7164267faccbf75dd
  • git.kernel.org https://git.kernel.org/stable/c/8399318b13dc9e0569dee07ba2994098926d4fb2
  • git.kernel.org https://git.kernel.org/stable/c/88579c158e026860c61c4192531e8bc42f4bc642
  • git.kernel.org https://git.kernel.org/stable/c/95040de81c629cd8d3c6ab5b50a8bd5088068303
  • git.kernel.org https://git.kernel.org/stable/c/ae21b03f904736eb2aa9bd119d2a14e741f1681f
  • git.kernel.org https://git.kernel.org/stable/c/ba8f0ca386dd15acf5a93cbac932392c7818eab4
  • git.kernel.org https://git.kernel.org/stable/c/c53ed55cb275344086e32a7080a6b19cb183650b
  • git.kernel.org https://git.kernel.org/stable/c/cff9fefdfbf5744afbb6d70bff2b49ec2065d23d

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.