{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2022-50057","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-06-18T10:57:27.403Z","datePublished":"2025-06-18T11:02:06.357Z","dateUpdated":"2026-05-11T19:12:01.024Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T19:12:01.024Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Fix NULL deref in ntfs_update_mftmirr\n\nIf ntfs_fill_super() wasn't called then sbi->sb will be equal to NULL.\nCode should check this ptr before dereferencing. Syzbot hit this issue\nvia passing wrong mount param as can be seen from log below\n\nFail log:\nntfs3: Unknown parameter 'iochvrset'\ngeneral protection fault, probably for non-canonical address 0xdffffc0000000003: 0000 [#1] PREEMPT SMP KASAN\nKASAN: null-ptr-deref in range [0x0000000000000018-0x000000000000001f]\nCPU: 1 PID: 3589 Comm: syz-executor210 Not tainted 5.18.0-rc3-syzkaller-00016-gb253435746d9 #0\n...\nCall Trace:\n <TASK>\n put_ntfs+0x1ed/0x2a0 fs/ntfs3/super.c:463\n ntfs_fs_free+0x6a/0xe0 fs/ntfs3/super.c:1363\n put_fs_context+0x119/0x7a0 fs/fs_context.c:469\n do_new_mount+0x2b4/0xad0 fs/namespace.c:3044\n do_mount fs/namespace.c:3383 [inline]\n __do_sys_mount fs/namespace.c:3591 [inline]"}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["fs/ntfs3/fsntfs.c"],"versions":[{"version":"82cae269cfa953032fbb8980a7d554d60fb00b17","lessThan":"8e8e1a84dac7a3d2b432162a70d7fb6a75960772","status":"affected","versionType":"git"},{"version":"82cae269cfa953032fbb8980a7d554d60fb00b17","lessThan":"bf6089dc01ba3194ab962105d7b85690843c256f","status":"affected","versionType":"git"},{"version":"82cae269cfa953032fbb8980a7d554d60fb00b17","lessThan":"321460ca3b55f48b3ba6008248264ab2bd6407d9","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["fs/ntfs3/fsntfs.c"],"versions":[{"version":"5.15","status":"affected"},{"version":"0","lessThan":"5.15","status":"unaffected","versionType":"semver"},{"version":"5.15.63","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"5.19.4","lessThanOrEqual":"5.19.*","status":"unaffected","versionType":"semver"},{"version":"6.0","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15","versionEndExcluding":"5.15.63"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15","versionEndExcluding":"5.19.4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15","versionEndExcluding":"6.0"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/8e8e1a84dac7a3d2b432162a70d7fb6a75960772"},{"url":"https://git.kernel.org/stable/c/bf6089dc01ba3194ab962105d7b85690843c256f"},{"url":"https://git.kernel.org/stable/c/321460ca3b55f48b3ba6008248264ab2bd6407d9"}],"title":"fs/ntfs3: Fix NULL deref in ntfs_update_mftmirr","x_generator":{"engine":"bippy-1.2.0"}}}}