CVE-2022-49274

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
26/02/2025
Last modified:
26/02/2025

Description

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> ocfs2: fix crash when mount with quota enabled<br /> <br /> There is a reported crash when mounting ocfs2 with quota enabled.<br /> <br /> RIP: 0010:ocfs2_qinfo_lock_res_init+0x44/0x50 [ocfs2]<br /> Call Trace:<br /> ocfs2_local_read_info+0xb9/0x6f0 [ocfs2]<br /> dquot_load_quota_sb+0x216/0x470<br /> dquot_load_quota_inode+0x85/0x100<br /> ocfs2_enable_quotas+0xa0/0x1c0 [ocfs2]<br /> ocfs2_fill_super.cold+0xc8/0x1bf [ocfs2]<br /> mount_bdev+0x185/0x1b0<br /> legacy_get_tree+0x27/0x40<br /> vfs_get_tree+0x25/0xb0<br /> path_mount+0x465/0xac0<br /> __x64_sys_mount+0x103/0x140<br /> <br /> It is caused by when initializing dqi_gqlock, the corresponding dqi_type<br /> and dqi_sb are not properly initialized.<br /> <br /> This issue is introduced by commit 6c85c2c72819, which wants to avoid<br /> accessing uninitialized variables in error cases. So make global quota<br /> info properly initialized.

Impact