CVE-2022-50673: Expired Pointer Dereference in Linux

Severity: 7.0 HIGH (No vector)
EPSS: 0.0% (top 85.68%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Dec 9

Description

In the Linux kernel, the following vulnerability has been resolved:

ext4: fix use-after-free in ext4_orphan_cleanup

I caught an issue as follows:

BUG: KASAN: use-after-free in __list_add_valid+0x28/0x1a0
Read of size 8 at addr ffff88814b13f378 by task mount/710
CPU: 1 PID: 710 Comm: mount Not tainted 6.1.0-rc3-next #370
Call Trace:
 dump_stack_lvl+0x73/0x9f
 print_report+0x25d/0x759
 kasan_report+0xc0/0x120
 __asan_load8+0x99/0x140
 __list_add_valid+0x28/0x1a0
 ext4_orphan_cleanup+0x564/0x9d0 [ext4

Affected Packages (4 packages)

Linux | linux/linux_kernel | 4.10.0 | 4.19.270 | +5
Debian | linux/linux_kernel | < 5.10.178-1 | +3
CVEListV5 | linux/linux | 2c98eb5ea249767bbc11cf4e70e91d5b0458ed13 | 7f801a1593cb957f73659732836b2dafbdfc7709 | +7
debian | debian/linux | < linux 6.1.4-1 (bookworm)

Vulnerability Details (3)

OSV (2025-12-09): CVE-2022-50673: In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free in ext4_orphan_cleanup I caught an issue as follows: =====
OSV (2025-12-09): ext4: fix use-after-free in ext4_orphan_cleanup
GHSA (2025-12-09): GHSA-8h9v-mf84-vh83: In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free in ext4_orphan_cleanup I caught an issue as follows: BUG

Vendor Advisories (2)

Red Hat (2025-12-09): kernel: ext4: fix use-after-free in ext4_orphan_cleanup
Debian (2022): CVE-2022-50673: linux - In the Linux kernel, the following vulnerability has been resolved: ext4: fix u...