CVE-2022-50403 — Integer Overflow or Wraparound in Kernel

Severity: 7.0 MEDIUM (No vector)
EPSS: No EPSS data
CISA KEV: Not in KEV
Exploit: No known exploits
Affected products
Timeline: Published Sep 18

Description

kernel: ext4: fix undefined behavior in bit shift for ext4_check_flag_values

A vulnerability was identified in the Linux kernel's ext4 filesystem implementation due to a flaw in how it processes filesystem metadata. An attacker with local privileges could create a malicious ext4 filesystem image to trigger this issue. When the system attempts to mount this malicious image, the kernel performs an incorrect calculation. This action results in unpredictable system behavior. Package: kernel (Red H…

Affected Packages: 1 package

Debian linux/linux_kernel < 5.10.178-1+3

🔴Vulnerability Details

2
GHSA
GHSA-q97v-qf9h-f4xh: In the Linux kernel, the following vulnerability has been resolved: ext4: fix undefined behavior in bit shift for ext4_check_flag_values Shifting si (2025-09-18)
OSV
CVE-2022-50403: In the Linux kernel, the following vulnerability has been resolved: ext4: fix undefined behavior in bit shift for ext4_check_flag_values Shifting si (2025-09-18)

📋Vendor Advisories

1
Red Hat
kernel: ext4: fix undefined behavior in bit shift for ext4_check_flag_values (2025-09-18)
CVE-2022-50403 — Integer Overflow or Wraparound | cvebase