CVE-2022-49739

March 28, 2025, 6:11 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: gfs2: Always check inode size of inline inodes Check if the inode size of stuffed (inline) inodes is within the allowed range when reading inodes from disk (gfs2_dinode_in()). This prevents us from on-disk corruption. The two checks in stuffed_readpage() and gfs2_unstuffer_page() that just truncate inline data to the maximum allowed size don't actually make sense, and they can be removed now as well.

Product(s) Impacted

Vendor Product Versions
Linux
  • Linux Kernel
  • Gfs2
  • *
  • *

Weaknesses

Common security weaknesses mapped to this vulnerability.

*CPE(s)

Affected systems and software identified for this CVE.

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
a linux linux_kernel / / / / / / / /
a linux gfs2 / / / / / / / /

References

https://git.kernel.org/stable/c/45df749f827c286adbc951f2a4865b67f0442ba9
https://git.kernel.org/stable/c/46c9088cabd4d0469fdb61ac2a9c5003057fe94d
https://git.kernel.org/stable/c/4d4cb76636134bf9a0c9c3432dae936f99954586
https://git.kernel.org/stable/c/70376c7ff31221f1d21db5611d8209e677781d3a
https://git.kernel.org/stable/c/7c414f6f06e9a3934901b6edc3177ae5a1e07094
https://git.kernel.org/stable/c/d458a0984429c2d47e60254f5bc4119cbafe83a2

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2025-03-27
CVE-2022-49739

Timeline

Published: March 27, 2025, 5:15 p.m.
Last Modified: March 28, 2025, 6:11 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.