CVE-2022-50377 — Expired Pointer Dereference in Kernel

CWE-825 — Expired Pointer Dereference3 documents3 sources
Severity
2.5LOW
No vector
EPSS
No EPSS data
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Linux Kernel
Timeline
PublishedSep 18

Description

In the Linux kernel, the following vulnerability has been resolved: ext4: check and assert if marking an no_delete evicting inode dirty In ext4_evict_inode(), if we evicting an inode in the 'no_delete' path, it cannot be raced by another mark_inode_dirty(). If it happens, someone else may accidentally dirty it without holding inode refcount and probably cause use-after-free issues in the writeback procedure. It's indiscoverable and hard to debug, so add an WARN_ON_ONCE() to check and detect th…

Affected Packages1 packages

â–¶Debianlinux/linux_kernel< 5.10.178-1+3

🔴Vulnerability Details

2
OSV
CVE-2022-50377: In the Linux kernel, the following vulnerability has been resolved: ext4: check and assert if marking an no_delete evicting inode dirty In ext4_evic↗2025-09-18
â–¶
GHSA
GHSA-qw69-ghqj-2qf3: In the Linux kernel, the following vulnerability has been resolved: ext4: check and assert if marking an no_delete evicting inode dirty In ext4_evic↗2025-09-18
â–¶

📋Vendor Advisories

1
Red Hat
kernel: ext4: check and assert if marking an no_delete evicting inode dirty↗2025-09-18
â–¶
CVE-2022-50377 — Expired Pointer Dereference in Kernel | cvebase