CVE-2022-49352
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-49352
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49352.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2022-49352
- Downstream
- Related
- Published
- 2025-02-26T02:11:04Z
- Modified
- 2025-10-21T09:09:59.242342Z
- Summary
- ext4: fix warning in ext4_handle_inode_extension
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
ext4: fix warning in ext4handleinode_extension
We got issue as follows: EXT4-fs error (device loop0) in ext4reserveinodewrite:5741: Out of memory EXT4-fs error (device loop0): ext4setattr:5462: inode #13: comm syz-executor.0: markinodedirty error EXT4-fs error (device loop0) in ext4setattr:5519: Out of memory EXT4-fs error (device loop0): ext4indmapblocks:595: inode #13: comm syz-executor.0: Can't allocate blocks for non-extent mapped inodes with bigalloc ------------[ cut here ]------------ WARNING: CPU: 1 PID: 4361 at fs/ext4/file.c:301 ext4filewriteiter+0x11c9/0x1220 Modules linked in: CPU: 1 PID: 4361 Comm: syz-executor.0 Not tainted 5.10.0+ #1 RIP: 0010:ext4filewriteiter+0x11c9/0x1220 RSP: 0018:ffff924d80b27c00 EFLAGS: 00010282 RAX: ffffffff815a3379 RBX: 0000000000000000 RCX: 000000003b000000 RDX: ffff924d81601000 RSI: 00000000000009cc RDI: 00000000000009cd RBP: 000000000000000d R08: ffffffffbc5a2c6b R09: 0000902e0e52a96f R10: ffff902e2b7c1b40 R11: ffff902e2b7c1b40 R12: 000000000000000a R13: 0000000000000001 R14: ffff902e0e52aa10 R15: ffffffffffffff8b FS: 00007f81a7f65700(0000) GS:ffff902e3bc80000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: ffffffffff600400 CR3: 000000012db88001 CR4: 00000000003706e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: doiterreadvwritev+0x2e5/0x360 doiterwrite+0x112/0x4c0 dopwritev+0x1e5/0x390 _x64syspwritev2+0x7e/0xa0 dosyscall64+0x37/0x50 entrySYSCALL64after_hwframe+0x44/0xa9
Above issue may happen as follows: Assume inode.isize=4096 EXT4I(inode)->i_disksize=4096
step 1: set inode->iisize = 8192 ext4setattr if (attr->iasize != inode->isize) EXT4I(inode)->idisksize = attr->iasize; rc = ext4markinodedirty ext4reserveinodewrite ext4getinodeloc _ext4getinodeloc sbgetblk --> return -ENOMEM ... if (!error) ->will not update isize isizewrite(inode, attr->iasize); Now: inode.isize=4096 EXT4I(inode)->idisksize=8192
step 2: Direct write 4096 bytes ext4filewriteiter ext4diowriteiter iomapdiorw ->return error if (extend) ext4handleinodeextension WARNONONCE(isizeread(inode) < EXT4I(inode)->i_disksize); ->Then trigger warning.
To solve above issue, if mark inode dirty failed in ext4setattr just set 'EXT4I(inode)->i_disksize' with old value.
- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/1bcce88da60eccc946c0f4ed942b0f08cd565778
- https://git.kernel.org/stable/c/adf490083ca52ebfb0b2fe64ff1ead00c0452dd7
- https://git.kernel.org/stable/c/b81d2ff6885e38fc745eeaf9565775055778fc0b
- https://git.kernel.org/stable/c/e383c2aa5f02ab571530dc5c5696479672478c25
- https://git.kernel.org/stable/c/f4534c9fc94d22383f187b9409abb3f9df2e3db3
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedb1b4705d54abedfd69dcdf42779c521aa1e0fbd3Fixedadf490083ca52ebfb0b2fe64ff1ead00c0452dd7
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedb1b4705d54abedfd69dcdf42779c521aa1e0fbd3Fixedb81d2ff6885e38fc745eeaf9565775055778fc0b
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedb1b4705d54abedfd69dcdf42779c521aa1e0fbd3Fixede383c2aa5f02ab571530dc5c5696479672478c25
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedb1b4705d54abedfd69dcdf42779c521aa1e0fbd3Fixed1bcce88da60eccc946c0f4ed942b0f08cd565778
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedb1b4705d54abedfd69dcdf42779c521aa1e0fbd3Fixedf4534c9fc94d22383f187b9409abb3f9df2e3db3
Affected versions
v5.*
v5.10
v5.10-rc1
v5.10-rc2
v5.10-rc3
v5.10-rc4
v5.10-rc5
v5.10-rc6
v5.10-rc7
v5.10.1
v5.10.10
v5.10.100
v5.10.101
v5.10.102
v5.10.103
v5.10.104
v5.10.105
v5.10.106
v5.10.107
v5.10.108
v5.10.109
v5.10.11
v5.10.110
v5.10.111
v5.10.112
v5.10.113
v5.10.114
v5.10.115
v5.10.116
v5.10.117
v5.10.118
v5.10.119
v5.10.12
v5.10.120
v5.10.13
v5.10.14
v5.10.15
v5.10.16
v5.10.17
v5.10.18
v5.10.19
v5.10.2
v5.10.20
v5.10.21
v5.10.22
v5.10.23
v5.10.24
v5.10.25
v5.10.26
v5.10.27
v5.10.28
v5.10.29
v5.10.3
v5.10.30
v5.10.31
v5.10.32
v5.10.33
v5.10.34
v5.10.35
v5.10.36
v5.10.37
v5.10.38
v5.10.39
v5.10.4
v5.10.40
v5.10.41
v5.10.42
v5.10.43
v5.10.44
v5.10.45
v5.10.46
v5.10.47
v5.10.48
v5.10.49
v5.10.5
v5.10.50
v5.10.51
v5.10.52
v5.10.53
v5.10.54
v5.10.55
v5.10.56
v5.10.57
v5.10.58
v5.10.59
v5.10.6
v5.10.60
v5.10.61
v5.10.62
v5.10.63
v5.10.64
v5.10.65
v5.10.66
v5.10.67
v5.10.68
v5.10.69
v5.10.7
v5.10.70
v5.10.71
v5.10.72
v5.10.73
v5.10.74
v5.10.75
v5.10.76
v5.10.77
v5.10.78
v5.10.79
v5.10.8
v5.10.80
v5.10.81
v5.10.82
v5.10.83
v5.10.84
v5.10.85
v5.10.86
v5.10.87
v5.10.88
v5.10.89
v5.10.9
v5.10.90
v5.10.91
v5.10.92
v5.10.93
v5.10.94
v5.10.95
v5.10.96
v5.10.97
v5.10.98
v5.10.99
v5.11
v5.11-rc1
v5.11-rc2
v5.11-rc3
v5.11-rc4
v5.11-rc5
v5.11-rc6
v5.11-rc7
v5.12
v5.12-rc1
v5.12-rc1-dontuse
v5.12-rc2
v5.12-rc3
v5.12-rc4
v5.12-rc5
v5.12-rc6
v5.12-rc7
v5.12-rc8
v5.13
v5.13-rc1
v5.13-rc2
v5.13-rc3
v5.13-rc4
v5.13-rc5
v5.13-rc6
v5.13-rc7
v5.14
v5.14-rc1
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.15.1
v5.15.10
v5.15.11
v5.15.12
v5.15.13
v5.15.14
v5.15.15
v5.15.16
v5.15.17
v5.15.18
v5.15.19
v5.15.2
v5.15.20
v5.15.21
v5.15.22
v5.15.23
v5.15.24
v5.15.25
v5.15.26
v5.15.27
v5.15.28
v5.15.29
v5.15.3
v5.15.30
v5.15.31
v5.15.32
v5.15.33
v5.15.34
v5.15.35
v5.15.36
v5.15.37
v5.15.38
v5.15.39
v5.15.4
v5.15.40
v5.15.41
v5.15.42
v5.15.43
v5.15.44
v5.15.45
v5.15.5
v5.15.6
v5.15.7
v5.15.8
v5.15.9
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.17.1
v5.17.10
v5.17.11
v5.17.12
v5.17.13
v5.17.2
v5.17.3
v5.17.4
v5.17.5
v5.17.6
v5.17.7
v5.17.8
v5.17.9
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.18.1
v5.18.2
v5.4
v5.4-rc4
v5.4-rc5
v5.4-rc6
v5.4-rc7
v5.4-rc8
v5.5
v5.5-rc1
v5.5-rc2
v5.5-rc3
v5.5-rc4
v5.5-rc5
v5.5-rc6
v5.5-rc7
v5.6
v5.6-rc1
v5.6-rc2
v5.6-rc3
v5.6-rc4
v5.6-rc5
v5.6-rc6
v5.6-rc7
v5.7
v5.7-rc1
v5.7-rc2
v5.7-rc3
v5.7-rc4
v5.7-rc5
v5.7-rc6
v5.7-rc7
v5.8
v5.8-rc1
v5.8-rc2
v5.8-rc3
v5.8-rc4
v5.8-rc5
v5.8-rc6
v5.8-rc7
v5.9
v5.9-rc1
v5.9-rc2
v5.9-rc3
v5.9-rc4
v5.9-rc5
v5.9-rc6
v5.9-rc7
v5.9-rc8
Database specific
vanir_signatures
[
{
"id": "CVE-2022-49352-04ddc305",
"deprecated": false,
"digest": {
"length": 3767.0,
"function_hash": "190890855518956492644161680109370643654"
},
"signature_version": "v1",
"target": {
"function": "ext4_setattr",
"file": "fs/ext4/inode.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b81d2ff6885e38fc745eeaf9565775055778fc0b",
"signature_type": "Function"
},
{
"id": "CVE-2022-49352-19080b24",
"deprecated": false,
"digest": {
"line_hashes": [
"83895852354359464846058544573753975086",
"128882181613176142138143098188951773289",
"37086641081300401767643739649244079401",
"64873280979061636529379035758062547068",
"240714590602582979814347467001930609098",
"93755527901554373729888512012751459430",
"52251208504807214576010088358729658646",
"119876440288955821910962004682277327287",
"39216244639336990187319000453002324683",
"39850850578327717492357672171553162767",
"254075934469764261491118274848002155334",
"163170193972337081180716847828320273552"
],
"threshold": 0.9
},
"signature_version": "v1",
"target": {
"file": "fs/ext4/inode.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@1bcce88da60eccc946c0f4ed942b0f08cd565778",
"signature_type": "Line"
},
{
"id": "CVE-2022-49352-28d2b1b4",
"deprecated": false,
"digest": {
"length": 3653.0,
"function_hash": "307844423015682272264895673460337888520"
},
"signature_version": "v1",
"target": {
"function": "ext4_setattr",
"file": "fs/ext4/inode.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e383c2aa5f02ab571530dc5c5696479672478c25",
"signature_type": "Function"
},
{
"id": "CVE-2022-49352-79841139",
"deprecated": false,
"digest": {
"line_hashes": [
"83895852354359464846058544573753975086",
"128882181613176142138143098188951773289",
"37086641081300401767643739649244079401",
"64873280979061636529379035758062547068",
"240714590602582979814347467001930609098",
"93755527901554373729888512012751459430",
"52251208504807214576010088358729658646",
"119876440288955821910962004682277327287",
"39216244639336990187319000453002324683",
"39850850578327717492357672171553162767",
"254075934469764261491118274848002155334",
"163170193972337081180716847828320273552"
],
"threshold": 0.9
},
"signature_version": "v1",
"target": {
"file": "fs/ext4/inode.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e383c2aa5f02ab571530dc5c5696479672478c25",
"signature_type": "Line"
},
{
"id": "CVE-2022-49352-9c7feadd",
"deprecated": false,
"digest": {
"line_hashes": [
"83895852354359464846058544573753975086",
"128882181613176142138143098188951773289",
"37086641081300401767643739649244079401",
"64873280979061636529379035758062547068",
"240714590602582979814347467001930609098",
"93755527901554373729888512012751459430",
"52251208504807214576010088358729658646",
"119876440288955821910962004682277327287",
"39216244639336990187319000453002324683",
"39850850578327717492357672171553162767",
"254075934469764261491118274848002155334",
"163170193972337081180716847828320273552"
],
"threshold": 0.9
},
"signature_version": "v1",
"target": {
"file": "fs/ext4/inode.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f4534c9fc94d22383f187b9409abb3f9df2e3db3",
"signature_type": "Line"
},
{
"id": "CVE-2022-49352-a00e161c",
"deprecated": false,
"digest": {
"length": 3653.0,
"function_hash": "307844423015682272264895673460337888520"
},
"signature_version": "v1",
"target": {
"function": "ext4_setattr",
"file": "fs/ext4/inode.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f4534c9fc94d22383f187b9409abb3f9df2e3db3",
"signature_type": "Function"
},
{
"id": "CVE-2022-49352-bb788034",
"deprecated": false,
"digest": {
"length": 3775.0,
"function_hash": "272660507715827070425963825376665297366"
},
"signature_version": "v1",
"target": {
"function": "ext4_setattr",
"file": "fs/ext4/inode.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@adf490083ca52ebfb0b2fe64ff1ead00c0452dd7",
"signature_type": "Function"
},
{
"id": "CVE-2022-49352-cc7a0489",
"deprecated": false,
"digest": {
"length": 3653.0,
"function_hash": "307844423015682272264895673460337888520"
},
"signature_version": "v1",
"target": {
"function": "ext4_setattr",
"file": "fs/ext4/inode.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@1bcce88da60eccc946c0f4ed942b0f08cd565778",
"signature_type": "Function"
},
{
"id": "CVE-2022-49352-db385c93",
"deprecated": false,
"digest": {
"line_hashes": [
"83895852354359464846058544573753975086",
"128882181613176142138143098188951773289",
"37086641081300401767643739649244079401",
"64873280979061636529379035758062547068",
"240714590602582979814347467001930609098",
"93755527901554373729888512012751459430",
"52251208504807214576010088358729658646",
"119876440288955821910962004682277327287",
"39216244639336990187319000453002324683",
"39850850578327717492357672171553162767",
"254075934469764261491118274848002155334",
"163170193972337081180716847828320273552"
],
"threshold": 0.9
},
"signature_version": "v1",
"target": {
"file": "fs/ext4/inode.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@adf490083ca52ebfb0b2fe64ff1ead00c0452dd7",
"signature_type": "Line"
},
{
"id": "CVE-2022-49352-df67b7fd",
"deprecated": false,
"digest": {
"line_hashes": [
"83895852354359464846058544573753975086",
"128882181613176142138143098188951773289",
"37086641081300401767643739649244079401",
"64873280979061636529379035758062547068",
"240714590602582979814347467001930609098",
"93755527901554373729888512012751459430",
"52251208504807214576010088358729658646",
"119876440288955821910962004682277327287",
"39216244639336990187319000453002324683",
"39850850578327717492357672171553162767",
"254075934469764261491118274848002155334",
"163170193972337081180716847828320273552"
],
"threshold": 0.9
},
"signature_version": "v1",
"target": {
"file": "fs/ext4/inode.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b81d2ff6885e38fc745eeaf9565775055778fc0b",
"signature_type": "Line"
}
]