vulnerability

Ubuntu: (CVE-2022-49318): linux vulnerability

Try Surface Command
Back to search
Severity
5
CVSS
(AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published
Feb 26, 2025
Added
Mar 3, 2025
Modified
Sep 1, 2025

Description

In the Linux kernel, the following vulnerability has been resolved:

f2fs: remove WARN_ON in f2fs_is_valid_blkaddr

Syzbot triggers two WARNs in f2fs_is_valid_blkaddr and
__is_bitmap_valid. For example, in f2fs_is_valid_blkaddr,
if type is DATA_GENERIC_ENHANCE or DATA_GENERIC_ENHANCE_READ,
it invokes WARN_ON if blkaddr is not in the right range.
The call trace is as follows:

f2fs_get_node_info+0x45f/0x1070
read_node_page+0x577/0x1190
__get_node_page.part.0+0x9e/0x10e0
__get_node_page
f2fs_get_node_page+0x109/0x180
do_read_inode
f2fs_iget+0x2a5/0x58b0
f2fs_fill_super+0x3b39/0x7ca0

Fix these two WARNs by replacing WARN_ON with dump_stack.

Solutions

ubuntu-upgrade-linuxubuntu-upgrade-linux-awsubuntu-upgrade-linux-aws-5-15ubuntu-upgrade-linux-aws-5-4ubuntu-upgrade-linux-aws-fipsubuntu-upgrade-linux-azureubuntu-upgrade-linux-azure-5-15ubuntu-upgrade-linux-azure-5-4ubuntu-upgrade-linux-azure-fipsubuntu-upgrade-linux-bluefieldubuntu-upgrade-linux-fipsubuntu-upgrade-linux-gcpubuntu-upgrade-linux-gcp-5-15ubuntu-upgrade-linux-gcp-5-4ubuntu-upgrade-linux-gcp-fipsubuntu-upgrade-linux-gkeubuntu-upgrade-linux-gkeopubuntu-upgrade-linux-hwe-5-15ubuntu-upgrade-linux-hwe-5-4ubuntu-upgrade-linux-ibmubuntu-upgrade-linux-ibm-5-4ubuntu-upgrade-linux-intel-iotgubuntu-upgrade-linux-intel-iotg-5-15ubuntu-upgrade-linux-iotubuntu-upgrade-linux-kvmubuntu-upgrade-linux-lowlatencyubuntu-upgrade-linux-lowlatency-hwe-5-15ubuntu-upgrade-linux-nvidiaubuntu-upgrade-linux-oracleubuntu-upgrade-linux-oracle-5-15ubuntu-upgrade-linux-oracle-5-4ubuntu-upgrade-linux-raspiubuntu-upgrade-linux-raspi-5-4ubuntu-upgrade-linux-realtimeubuntu-upgrade-linux-riscv-5-15

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today