CVE-2022-50546Use of Uninitialized Resource in Linux

CWE-908Use of Uninitialized Resource6 documents6 sources
Severity
7.8HIGHNVD
EPSS
0.0%
top 96.97%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedOct 7
Latest updateApr 20

Description

In the Linux kernel, the following vulnerability has been resolved: ext4: fix uninititialized value in 'ext4_evict_inode' Syzbot found the following issue: BUG: KMSAN: uninit-value in ext4_evict_inode+0xdd/0x26b0 fs/ext4/inode.c:180 ext4_evict_inode+0xdd/0x26b0 fs/ext4/inode.c:180 evict+0x365/0x9a0 fs/inode.c:664 iput_final fs/inode.c:1747 [inline] iput+0x985/0xdd0 fs/inode.c:1773 __ext4_new_inode+0xe54/0x7ec0 fs/ext4/ialloc.c:1361 ext4_mknod+0x376/0x840 fs/ext4/namei.c:2844 vfs_mknod+0x79d/0x

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages4 packages

NVDlinux/linux_kernel5.15.615.15.87+4
Debianlinux/linux_kernel< 5.10.178-1+3
CVEListV5linux/linuxbb337d8dd1e1d6b7719872e45e36392f3ab14b4ff0bffdcc7cb14598af2aa706f1e0f2a9054154ba+9
debiandebian/linux< linux 6.1.4-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

3
VulDB
Linux Kernel up to 5.10.163/5.15.86/6.0.17/6.1.3 ext4 ext4_alloc_inode allocation of resources (EUVD-2025-32001 / Nessus ID 302981)2026-04-20
OSV
CVE-2022-50546: In the Linux kernel, the following vulnerability has been resolved: ext4: fix uninititialized value in 'ext4_evict_inode' Syzbot found the following i2025-10-07
GHSA
GHSA-g2jp-ch4j-rcfr: In the Linux kernel, the following vulnerability has been resolved: ext4: fix uninititialized value in 'ext4_evict_inode' Syzbot found the following2025-10-07

📋Vendor Advisories

2
Red Hat
kernel: ext4: fix uninititialized value in 'ext4_evict_inode'2025-10-07
Debian
CVE-2022-50546: linux - In the Linux kernel, the following vulnerability has been resolved: ext4: fix u...2022