CVE-2022-50333 — Out-of-bounds Read in Linux

CWE-125 — Out-of-bounds Read CWE-1285 — Improper Validation of Specified Index, Position, or Offset in Input5 documents5 sources

Severity

7.1HIGHNVD

EPSS

0.0%

top 97.76%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedSep 15

Description

In the Linux kernel, the following vulnerability has been resolved: fs: jfs: fix shift-out-of-bounds in dbDiscardAG This should be applied to most URSAN bugs found recently by syzbot, by guarding the dbMount. As syzbot feeding rubbish into the bmap descriptor.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:HExploitability: 1.8 | Impact: 5.2

Affected Packages4 packages

▶NVDlinux/linux_kernel4.10 — 4.14.303+7

▶Debianlinux/linux_kernel< 5.10.178-1+3

▶CVEListV5linux/linuxb40c2e665cd552eae5fbdbb878bc29a34357668e — f8d4d0bac603616e2fa4a3907e81ed13f8f3c380+9

▶debiandebian/linux< linux 6.1.4-1 (bookworm)

Patches

Patch: git.kernel.org ↗Patch: git.kernel.org ↗Patch: git.kernel.org ↗

🔴Vulnerability Details

OSV

CVE-2022-50333: In the Linux kernel, the following vulnerability has been resolved: fs: jfs: fix shift-out-of-bounds in dbDiscardAG This should be applied to most URS↗2025-09-15

▶

GHSA

GHSA-x2qw-p796-x9v7: In the Linux kernel, the following vulnerability has been resolved: fs: jfs: fix shift-out-of-bounds in dbDiscardAG This should be applied to most U↗2025-09-15

▶

📋Vendor Advisories

Red Hat

kernel: fs: jfs: fix shift-out-of-bounds in dbDiscardAG↗2025-09-15

▶

Debian

CVE-2022-50333: linux - In the Linux kernel, the following vulnerability has been resolved: fs: jfs: fi...↗2022

▶