CVE-2022-50377

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-50377

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-50377.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-50377

Downstream

RHSA-2024:2394

UBUNTU-CVE-2022-50377

Withdrawn

2025-09-19T21:57:03.564128Z

Published

2025-09-18T14:15:36Z

Modified

2025-09-19T08:50:47.790370Z

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

ext4: check and assert if marking an no_delete evicting inode dirty

In ext4evictinode(), if we evicting an inode in the 'nodelete' path, it cannot be raced by another markinodedirty(). If it happens, someone else may accidentally dirty it without holding inode refcount and probably cause use-after-free issues in the writeback procedure. It's indiscoverable and hard to debug, so add an WARNON_ONCE() to check and detect this issue in advance.

References

Affected packages

Debian:11 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.10.178-1

Affected versions

5.*

5.10.46-4

5.10.46-5

5.10.70-1~bpo10+1

5.10.70-1

5.10.84-1

5.10.92-1~bpo10+1

5.10.92-1

5.10.92-2

5.10.103-1~bpo10+1

5.10.103-1

5.10.106-1

5.10.113-1

5.10.120-1~bpo10+1

5.10.120-1

5.10.127-1

5.10.127-2~bpo10+1

5.10.127-2

5.10.136-1

5.10.140-1

5.10.148-1

5.10.149-1

5.10.149-2

5.10.158-1

5.10.158-2

5.10.162-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.1.4-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.1.4-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:14 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.1.4-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}