vulnerability

Red Hat: CVE-2022-50485: kernel: ext4: add EXT4_IGET_BAD flag to prevent unexpected bad inode (Multiple Advisories)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
6	(AV:L/AC:M/Au:M/C:N/I:C/A:C)	Oct 4, 2025	Nov 14, 2025	Nov 17, 2025

Severity

CVSS

(AV:L/AC:M/Au:M/C:N/I:C/A:C)

Published

Oct 4, 2025

Added

Nov 14, 2025

Modified

Nov 17, 2025

Description

In the Linux kernel, the following vulnerability has been resolved:

ext4: add EXT4_IGET_BAD flag to prevent unexpected bad inode

There are many places that will get unhappy (and crash) when ext4_iget()
returns a bad inode. However, if iget the boot loader inode, allows a bad
inode to be returned, because the inode may not be initialized. This
mechanism can be used to bypass some checks and cause panic. To solve this
problem, we add a special iget flag EXT4_IGET_BAD. Only with this flag
we'd be returning bad inode from ext4_iget(), otherwise we always return
the error code if the inode is bad inode.(suggested by Jan Kara)

Solutions

redhat-upgrade-kernelredhat-upgrade-kernel-rt

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today