CVE-2022-50839

Summary

In the Linux kernel, the following vulnerability has been resolved:

jbd2: fix potential buffer head reference count leak

As in 'jbd2_fc_wait_bufs' if buffer isn't uptodate, will return -EIO without update 'journal->j_fc_off'. But 'jbd2_fc_release_bufs' will release buffer head from ‘j_fc_off - 1’ if 'bh' is NULL will terminal release which will lead to buffer head buffer head reference count leak. To solve above issue, update 'journal->j_fc_off' before return -EIO.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxff780b91efe901b8eecd8114785abae5341820ad < 7a33dde572fceb45d02d188e0213c47059401c93affected
LinuxLinuxff780b91efe901b8eecd8114785abae5341820ad < e7385c868ee038d6a0cb0e85c22d2741e7910fd5affected
LinuxLinuxff780b91efe901b8eecd8114785abae5341820ad < 68ed9c76b2affd47177b92495446abb7262d0ef7affected
LinuxLinuxff780b91efe901b8eecd8114785abae5341820ad < 9b073d73725366d886b711b74e058c02f51e7a0eaffected
LinuxLinuxff780b91efe901b8eecd8114785abae5341820ad < e0d5fc7a6d80ac2406c7dfc6bb625201d0250a8aaffected
LinuxLinux5.10affected
LinuxLinux0 < 5.10unaffected
LinuxLinux5.10.150 <= 5.10.*unaffected
LinuxLinux5.15.75 <= 5.15.*unaffected
LinuxLinux5.19.17 <= 5.19.*unaffected
LinuxLinux6.0.3 <= 6.0.*unaffected
LinuxLinux6.1 <= *unaffected

Weaknesses

References