CVE-2022-50841 — Linux vulnerability

7 documents6 sources

Severity

—N/A

No vector

EPSS

0.0%

top 91.51%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedDec 30

Description

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add overflow check for attribute size The offset addition could overflow and pass the used size check given an attribute with very large size (e.g., 0xffffff7f) while parsing MFT attributes. This could lead to out-of-bound memory R/W if we try to access the next attribute derived by Add2Ptr(attr, asize) [ 32.963847] BUG: unable to handle page fault for address: ffff956a83c76067 [ 32.964301] #PF: supervisor read acce…

Affected Packages4 packages

▶Linuxlinux/linux_kernel5.15.0 — 5.15.87+2

▶Debianlinux/linux_kernel< 6.1.4-1+2

▶CVEListV5linux/linux4342306f0f0d5ff4315a204d315c1b51b914fca5 — d4489ba8fb806e07b43eecca5e9af5865d94cbf6+4

▶debiandebian/linux< linux 6.1.4-1 (bookworm)

🔴Vulnerability Details

GHSA

GHSA-c5pm-qhvm-f5v5: In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add overflow check for attribute size The offset addition could overfl↗2025-12-30

▶

OSV

fs/ntfs3: Add overflow check for attribute size↗2025-12-30

▶

OSV

CVE-2022-50841: In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add overflow check for attribute size The offset addition could overflow↗2025-12-30

▶

📋Vendor Advisories

Red Hat

kernel: fs/ntfs3: Add overflow check for attribute size↗2025-12-30

▶

Debian

CVE-2022-50841: linux - In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: A...↗2022

▶

🕵️Threat Intelligence

Wiz

CVE-2022-50841 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶