CVE-2022-49761

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-49761
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49761.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-49761
Related
Published
2025-03-27T17:15:41Z
Modified
2025-04-01T17:01:03.321626Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

btrfs: always report error in runonedelayed_ref()

Currently we have a btrfsdebug() for runonedelayedref() failure, but if end users hit such problem, there will be no chance that btrfs_debug() is enabled. This can lead to very little useful info for debugging.

This patch will:

  • Add extra info for error reporting Including:

    • logical bytenr
    • num_bytes
    • type
    • action
    • ref_mod

  • Replace the btrfsdebug() with btrfserr()

  • Move the error reporting into runonedelayed_ref() This is to avoid use-after-free, the @node can be freed in the caller.

This error should only be triggered at most once.

As if runonedelayed_ref() failed, we trigger the error message, then causing the call chain to error out:

btrfsrundelayedrefs() - btrfs_run_delayed_refs() - btrfsrundelayedrefsforhead() `- runonedelayed_ref()

And we will abort the current transaction in btrfsrundelayedrefs(). If we have to run delayed refs for the abort transaction, runonedelayedref() will just cleanup the refs and do nothing, thus no new error messages would be output.

References

Affected packages

Debian:11 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.10.178-1

Affected versions

5.*

5.10.46-4
5.10.46-5
5.10.70-1~bpo10+1
5.10.70-1
5.10.84-1
5.10.92-1~bpo10+1
5.10.92-1
5.10.92-2
5.10.103-1~bpo10+1
5.10.103-1
5.10.106-1
5.10.113-1
5.10.120-1~bpo10+1
5.10.120-1
5.10.127-1
5.10.127-2~bpo10+1
5.10.127-2
5.10.136-1
5.10.140-1
5.10.148-1
5.10.149-1
5.10.149-2
5.10.158-1
5.10.158-2
5.10.162-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:12 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.1.8-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:13 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.1.8-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}