CVE-2022-50428: Off-by-one Error in Linux

CWE-193: Off-by-one Error | 6 documents | 6 sources
Severity
5.5 MEDIUM (NVD)
EPSS
0.0%
top 96.90%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published: Oct 1

Description

In the Linux kernel, the following vulnerability has been resolved:

ext4: fix off-by-one errors in fast-commit block filling

Due to several different off-by-one errors, or perhaps due to a late change in design that wasn't fully reflected in the code that was actually merged, there are several very strange constraints on how fast-commit blocks are filled with tlv entries:

- tlvs must start at least 10 bytes before the end of the block, even though the minimum tlv length is 8. Otherwise, the r

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Exploitability: 1.8 | Impact: 3.6

Affected Packages (4 packages)

NVD | linux/linux_kernel | 5.10, 5.15.87 | +2
Debian | linux/linux_kernel | < 6.1.4-1 | +2
CVEListV5 | linux/linux | aa75f4d3daaeb1389b9cce9d6b84401eaf228d4e, 18f28f13301d1afb8cea9c4ddcecdbff14488ec6 | +4
debian | debian/linux | < linux 6.1.4-1 (bookworm)

Patches

Vulnerability Details (2)

GHSA
GHSA-362x-q9rc-h58c: In the Linux kernel, the following vulnerability has been resolved: ext4: fix off-by-one errors in fast-commit block filling Due to several differen (2025-10-01)
OSV
CVE-2022-50428: In the Linux kernel, the following vulnerability has been resolved: ext4: fix off-by-one errors in fast-commit block filling Due to several different (2025-10-01)

Vendor Advisories (2)

Red Hat
kernel: ext4: fix off-by-one errors in fast-commit block filling (2025-10-01)
Debian
CVE-2022-50428: linux - In the Linux kernel, the following vulnerability has been resolved: ext4: fix o... (2022)

Community (1)

Bugzilla
CVE-2022-50428 kernel: ext4: fix off-by-one errors in fast-commit block filling (2025-10-01)