{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2022-50839","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-12-30T12:06:07.133Z","datePublished":"2025-12-30T12:10:58.406Z","dateUpdated":"2026-05-11T19:26:06.678Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T19:26:06.678Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\njbd2: fix potential buffer head reference count leak\n\nAs in 'jbd2_fc_wait_bufs' if buffer isn't uptodate, will return -EIO without\nupdate 'journal->j_fc_off'. But 'jbd2_fc_release_bufs' will release buffer head\nfrom ‘j_fc_off - 1’ if 'bh' is NULL will terminal release which will lead to\nbuffer head buffer head reference count leak.\nTo solve above issue, update 'journal->j_fc_off' before return -EIO."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["fs/jbd2/journal.c"],"versions":[{"version":"ff780b91efe901b8eecd8114785abae5341820ad","lessThan":"7a33dde572fceb45d02d188e0213c47059401c93","status":"affected","versionType":"git"},{"version":"ff780b91efe901b8eecd8114785abae5341820ad","lessThan":"e7385c868ee038d6a0cb0e85c22d2741e7910fd5","status":"affected","versionType":"git"},{"version":"ff780b91efe901b8eecd8114785abae5341820ad","lessThan":"68ed9c76b2affd47177b92495446abb7262d0ef7","status":"affected","versionType":"git"},{"version":"ff780b91efe901b8eecd8114785abae5341820ad","lessThan":"9b073d73725366d886b711b74e058c02f51e7a0e","status":"affected","versionType":"git"},{"version":"ff780b91efe901b8eecd8114785abae5341820ad","lessThan":"e0d5fc7a6d80ac2406c7dfc6bb625201d0250a8a","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["fs/jbd2/journal.c"],"versions":[{"version":"5.10","status":"affected"},{"version":"0","lessThan":"5.10","status":"unaffected","versionType":"semver"},{"version":"5.10.150","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.75","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"5.19.17","lessThanOrEqual":"5.19.*","status":"unaffected","versionType":"semver"},{"version":"6.0.3","lessThanOrEqual":"6.0.*","status":"unaffected","versionType":"semver"},{"version":"6.1","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.10","versionEndExcluding":"5.10.150"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.10","versionEndExcluding":"5.15.75"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.10","versionEndExcluding":"5.19.17"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.10","versionEndExcluding":"6.0.3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.10","versionEndExcluding":"6.1"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/7a33dde572fceb45d02d188e0213c47059401c93"},{"url":"https://git.kernel.org/stable/c/e7385c868ee038d6a0cb0e85c22d2741e7910fd5"},{"url":"https://git.kernel.org/stable/c/68ed9c76b2affd47177b92495446abb7262d0ef7"},{"url":"https://git.kernel.org/stable/c/9b073d73725366d886b711b74e058c02f51e7a0e"},{"url":"https://git.kernel.org/stable/c/e0d5fc7a6d80ac2406c7dfc6bb625201d0250a8a"}],"title":"jbd2: fix potential buffer head reference count leak","x_generator":{"engine":"bippy-1.2.0"}}}}