{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2022-49361","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-02-26T02:08:31.547Z","datePublished":"2025-02-26T02:11:08.881Z","dateUpdated":"2025-07-11T17:19:16.905Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-07-11T17:19:16.905Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to do sanity check for inline inode\n\nYanming reported a kernel bug in Bugzilla kernel [1], which can be\nreproduced. The bug message is:\n\nThe kernel message is shown below:\n\nkernel BUG at fs/inode.c:611!\nCall Trace:\n evict+0x282/0x4e0\n __dentry_kill+0x2b2/0x4d0\n dput+0x2dd/0x720\n do_renameat2+0x596/0x970\n __x64_sys_rename+0x78/0x90\n do_syscall_64+0x3b/0x90\n\n[1] https://bugzilla.kernel.org/show_bug.cgi?id=215895\n\nThe bug is due to fuzzed inode has both inline_data and encrypted flags.\nDuring f2fs_evict_inode(), as the inode was deleted by rename(), it\nwill cause inline data conversion due to conflicting flags. The page\ncache will be polluted and the panic will be triggered in clear_inode().\n\nTry fixing the bug by doing more sanity checks for inline data inode in\nsanity_check_inode()."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["fs/f2fs/f2fs.h","fs/f2fs/inline.c","fs/f2fs/inode.c"],"versions":[{"version":"98e4da8ca301e062d79ae168c67e56f3c3de3ce4","lessThan":"efdefbe8b7564602ab446474788225a1f2a323b5","status":"affected","versionType":"git"},{"version":"98e4da8ca301e062d79ae168c67e56f3c3de3ce4","lessThan":"7cfe2d43becaf76e562b9617d2c2d9b445f86761","status":"affected","versionType":"git"},{"version":"98e4da8ca301e062d79ae168c67e56f3c3de3ce4","lessThan":"11c1cd032df85df3c096a57a7f27d57819956e4a","status":"affected","versionType":"git"},{"version":"98e4da8ca301e062d79ae168c67e56f3c3de3ce4","lessThan":"198fd9faa271dd54dca6fc8eb6873f42dfd3b4d8","status":"affected","versionType":"git"},{"version":"98e4da8ca301e062d79ae168c67e56f3c3de3ce4","lessThan":"677a82b44ebf263d4f9a0cfbd576a6ade797a07b","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["fs/f2fs/f2fs.h","fs/f2fs/inline.c","fs/f2fs/inode.c"],"versions":[{"version":"3.8","status":"affected"},{"version":"0","lessThan":"3.8","status":"unaffected","versionType":"semver"},{"version":"5.10.121","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.46","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"5.17.14","lessThanOrEqual":"5.17.*","status":"unaffected","versionType":"semver"},{"version":"5.18.3","lessThanOrEqual":"5.18.*","status":"unaffected","versionType":"semver"},{"version":"5.19","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.8","versionEndExcluding":"5.10.121"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.8","versionEndExcluding":"5.15.46"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.8","versionEndExcluding":"5.17.14"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.8","versionEndExcluding":"5.18.3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.8","versionEndExcluding":"5.19"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/efdefbe8b7564602ab446474788225a1f2a323b5"},{"url":"https://git.kernel.org/stable/c/7cfe2d43becaf76e562b9617d2c2d9b445f86761"},{"url":"https://git.kernel.org/stable/c/11c1cd032df85df3c096a57a7f27d57819956e4a"},{"url":"https://git.kernel.org/stable/c/198fd9faa271dd54dca6fc8eb6873f42dfd3b4d8"},{"url":"https://git.kernel.org/stable/c/677a82b44ebf263d4f9a0cfbd576a6ade797a07b"}],"title":"f2fs: fix to do sanity check for inline inode","x_generator":{"engine":"bippy-1.2.0"}}}}