CVE-2022-50815 — Improper Validation of Specified Quantity in Input in Linux

CWE-1284 — Improper Validation of Specified Quantity in Input7 documents6 sources

Severity

5.5MEDIUM

No vector

EPSS

0.0%

top 93.24%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedDec 30

Description

In the Linux kernel, the following vulnerability has been resolved: ext2: Add sanity checks for group and filesystem size Add sanity check that filesystem size does not exceed the underlying device size and that group size is big enough so that metadata can fit into it. This avoid trying to mount some crafted filesystems with extremely large group counts.

Affected Packages4 packages

▶Linuxlinux/linux_kernel2.6.12 — 5.19.17+1

▶Debianlinux/linux_kernel< 6.0.3-1+2

▶CVEListV5linux/linux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 — 40ff52527daec00cf1530c17a95636916ddd3b38+3

▶debiandebian/linux< linux 6.0.3-1 (bookworm)

🔴Vulnerability Details

OSV

ext2: Add sanity checks for group and filesystem size↗2025-12-30

▶

GHSA

GHSA-8xqr-g5fm-p394: In the Linux kernel, the following vulnerability has been resolved: ext2: Add sanity checks for group and filesystem size Add sanity check that file↗2025-12-30

▶

OSV

CVE-2022-50815: In the Linux kernel, the following vulnerability has been resolved: ext2: Add sanity checks for group and filesystem size Add sanity check that filesy↗2025-12-30

▶

📋Vendor Advisories

Red Hat

kernel: ext2: Add sanity checks for group and filesystem size↗2025-12-30

▶

Debian

CVE-2022-50815: linux - In the Linux kernel, the following vulnerability has been resolved: ext2: Add s...↗2022

▶

🕵️Threat Intelligence

Wiz

CVE-2022-50815 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶