CVE-2022-50456: Use of Out-of-range Pointer Offset in Linux

Severity: 5.5 MEDIUM (NVD)
EPSS: 0.0% (top 95.66%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Oct 1

Description

In the Linux kernel, the following vulnerability has been resolved:

btrfs: fix resolving backrefs for inline extent followed by prealloc

If a file consists of an inline extent followed by a regular or prealloc extent, then a legitimate attempt to resolve a logical address in the non-inline region will result in add_all_parents reading the invalid offset field of the inline extent. If the inline extent item is placed in the leaf eb s.t. it is the first item, attempting to access the offset fiel

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Exploitability: 1.8 | Impact: 3.6

Affected Packages (4 packages)

NVD | linux/linux_kernel | 3.3 | 5.4.229 | +5
Debian | linux/linux_kernel | < 5.10.178-1 | +3
CVEListV5 | linux/linux | 8da6d5815c592b713ecaf4f4f8b631f8359c96c4 | c59ee1528b3432ec9dca220567f7eb507820917a | +6
debian | debian/linux | < linux 6.1.4-1 (bookworm)

Patches

Vulnerability Details (2)

OSV (2025-10-01)
CVE-2022-50456: In the Linux kernel, the following vulnerability has been resolved: btrfs: fix resolving backrefs for inline extent followed by prealloc If a file con
GHSA (2025-10-01)
GHSA-3r5q-xgpg-g928: In the Linux kernel, the following vulnerability has been resolved: btrfs: fix resolving backrefs for inline extent followed by prealloc If a file c

Vendor Advisories (2)

Red Hat (2025-10-01)
kernel: btrfs: fix resolving backrefs for inline extent followed by prealloc
Debian (2022)
CVE-2022-50456: linux - In the Linux kernel, the following vulnerability has been resolved: btrfs: fix ...