{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2022-50270","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-09-15T13:58:00.975Z","datePublished":"2025-09-15T14:21:06.735Z","dateUpdated":"2026-05-11T19:16:04.846Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T19:16:04.846Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix the assign logic of iocb\n\ncommit 18ae8d12991b (\"f2fs: show more DIO information in tracepoint\")\nintroduces iocb field in 'f2fs_direct_IO_enter' trace event\nAnd it only assigns the pointer and later it accesses its field\nin trace print log.\n\nUnable to handle kernel paging request at virtual address ffffffc04cef3d30\nMem abort info:\nESR = 0x96000007\nEC = 0x25: DABT (current EL), IL = 32 bits\n\n pc : trace_raw_output_f2fs_direct_IO_enter+0x54/0xa4\n lr : trace_raw_output_f2fs_direct_IO_enter+0x2c/0xa4\n sp : ffffffc0443cbbd0\n x29: ffffffc0443cbbf0 x28: ffffff8935b120d0 x27: ffffff8935b12108\n x26: ffffff8935b120f0 x25: ffffff8935b12100 x24: ffffff8935b110c0\n x23: ffffff8935b10000 x22: ffffff88859a936c x21: ffffff88859a936c\n x20: ffffff8935b110c0 x19: ffffff8935b10000 x18: ffffffc03b195060\n x17: ffffff8935b11e76 x16: 00000000000000cc x15: ffffffef855c4f2c\n x14: 0000000000000001 x13: 000000000000004e x12: ffff0000ffffff00\n x11: ffffffef86c350d0 x10: 00000000000010c0 x9 : 000000000fe0002c\n x8 : ffffffc04cef3d28 x7 : 7f7f7f7f7f7f7f7f x6 : 0000000002000000\n x5 : ffffff8935b11e9a x4 : 0000000000006250 x3 : ffff0a00ffffff04\n x2 : 0000000000000002 x1 : ffffffef86a0a31f x0 : ffffff8935b10000\n Call trace:\n  trace_raw_output_f2fs_direct_IO_enter+0x54/0xa4\n  print_trace_fmt+0x9c/0x138\n  print_trace_line+0x154/0x254\n  tracing_read_pipe+0x21c/0x380\n  vfs_read+0x108/0x3ac\n  ksys_read+0x7c/0xec\n  __arm64_sys_read+0x20/0x30\n  invoke_syscall+0x60/0x150\n  el0_svc_common.llvm.1237943816091755067+0xb8/0xf8\n  do_el0_svc+0x28/0xa0\n\nFix it by copying the required variables for printing and while at\nit fix the similar issue at some other places in the same file."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["include/trace/events/f2fs.h"],"versions":[{"version":"bd984c03097b8e9b7500cba7378040ac1c697dbb","lessThan":"d555aa37566c5c3728f2e52047a9722eae2aed93","status":"affected","versionType":"git"},{"version":"bd984c03097b8e9b7500cba7378040ac1c697dbb","lessThan":"b4244ca341ea95c52ee8fa93d04f5af3e584dd37","status":"affected","versionType":"git"},{"version":"bd984c03097b8e9b7500cba7378040ac1c697dbb","lessThan":"0db18eec0d9a7ee525209e31e3ac2f673545b12f","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["include/trace/events/f2fs.h"],"versions":[{"version":"5.17","status":"affected"},{"version":"0","lessThan":"5.17","status":"unaffected","versionType":"semver"},{"version":"6.0.16","lessThanOrEqual":"6.0.*","status":"unaffected","versionType":"semver"},{"version":"6.1.2","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.2","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.17","versionEndExcluding":"6.0.16"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.17","versionEndExcluding":"6.1.2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.17","versionEndExcluding":"6.2"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/d555aa37566c5c3728f2e52047a9722eae2aed93"},{"url":"https://git.kernel.org/stable/c/b4244ca341ea95c52ee8fa93d04f5af3e584dd37"},{"url":"https://git.kernel.org/stable/c/0db18eec0d9a7ee525209e31e3ac2f673545b12f"}],"title":"f2fs: fix the assign logic of iocb","x_generator":{"engine":"bippy-1.2.0"}}}}