CVE-2022-50056

Summary

In the Linux kernel, the following vulnerability has been resolved:

fs/ntfs3: Fix missing i_op in ntfs_read_mft

There is null pointer dereference because i_op == NULL. The bug happens because we don't initialize i_op for records in $Extend.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux82cae269cfa953032fbb8980a7d554d60fb00b17 < c293e8abc09e6e1faa50d967bd8862b1cbd575e5affected
LinuxLinux82cae269cfa953032fbb8980a7d554d60fb00b17 < 8089a1bc27b41e6800590a92d17c119e9aa8ff53affected
LinuxLinux82cae269cfa953032fbb8980a7d554d60fb00b17 < 37a530bfe56ca9a0d3129598803f2794c7428aaeaffected
LinuxLinux5.15affected
LinuxLinux0 < 5.15unaffected
LinuxLinux5.15.63 <= 5.15.*unaffected
LinuxLinux5.19.4 <= 5.19.*unaffected
LinuxLinux6.0 <= *unaffected

Weaknesses

References