Description

In the Linux kernel, the following vulnerability has been resolved: ext4: add EXT4_IGET_BAD flag to prevent unexpected bad inode There are many places that will get unhappy (and crash) when ext4_iget() returns a bad inode. However, if iget the boot loader inode, allows a bad inode to be returned, because the inode may not be initialized. This mechanism can be used to bypass some checks and cause panic. To solve this problem, we add a special iget flag EXT4_IGET_BAD. Only with this flag we'd be returning bad inode from ext4_iget(), otherwise we always return the error code if the inode is bad inode.(suggested by Jan Kara)

INFO

Published Date :

2025-10-04T15:16:43.093Z

Last Modified :

2025-12-23T13:29:37.091Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2022-50485 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2022-50485.

URL Resource
https://git.kernel.org/stable/c/2142dfa1de61e25b83198af0308ec7689cca25d3 cve-icon cve-icon
https://git.kernel.org/stable/c/488a5c2bf7543c3cd3f07a025f2e62be91599430 cve-icon cve-icon
https://git.kernel.org/stable/c/63b1e9bccb71fe7d7e3ddc9877dbdc85e5d2d023 cve-icon cve-icon
https://git.kernel.org/stable/c/c0a738875c2e9c8c3366d792f8bf7fe508d5e5a5 cve-icon cve-icon
https://git.kernel.org/stable/c/f725b290ed79ad61e4f721fee95a287892d8b1ad cve-icon cve-icon
https://git.kernel.org/stable/c/f7e6b5548f915d7aa435d0764d41eacfb49c6e09 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025100441-CVE-2022-50485-9d4c@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2022-50485 cve-icon
https://www.cve.org/CVERecord?id=CVE-2022-50485 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact