CVE-2022-50306

Severity CVSS v4.0:

Pending analysis

Type:

Unavailable / Other

Publication date:

15/09/2025

Last modified:

15/09/2025

Description

In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential out of bound read in ext4_fc_replay_scan() For scan loop must ensure that at least EXT4_FC_TAG_BASE_LEN space. If remain space less than EXT4_FC_TAG_BASE_LEN which will lead to out of bound read when mounting corrupt file system image. ADD_RANGE/HEAD/TAIL is needed to add extra check when do journal scan, as this three tags will read data during scan, tag length couldn&#39;t less than data length which will read.

Impact

References to Advisories, Solutions, and Tools

https://git.kernel.org/stable/c/1b45cc5c7b920fd8bf72e5a888ec7abeadf41e09
https://git.kernel.org/stable/c/6969367c1500c15eddc38fda12f6d15518ad6d03
https://git.kernel.org/stable/c/f234294812c9b68d603650d28743eafb718e7ad5