CVE-2022-50293

EPSS 0.02%
Veröffentlicht 15.09.2025 14:45:49
Zuletzt bearbeitet 15.09.2025 15:22:27
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

btrfs: do not BUG_ON() on ENOMEM when dropping extent items for a range

If we get -ENOMEM while dropping file extent items in a given range, at
btrfs_drop_extents(), due to failure to allocate memory when attempting to
increment the reference count for an extent or drop the reference count,
we handle it with a BUG_ON(). This is excessive, instead we can simply
abort the transaction and return the error to the caller. In fact most
callers of btrfs_drop_extents(), directly or indirectly, already abort
the transaction if btrfs_drop_extents() returns any error.

Also, we already have error paths at btrfs_drop_extents() that may return
-ENOMEM and in those cases we abort the transaction, like for example
anything that changes the b+tree may return -ENOMEM due to a failure to
allocate a new extent buffer when COWing an existing extent buffer, such
as a call to btrfs_duplicate_item() for example.

So replace the BUG_ON() calls with proper logic to abort the transaction
and return the error.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 7

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 50f993da945074b2a069da099a0331b23a0c89a0

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 7fbcb635c8fc927d139f3302babcf1b42c09265c

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 1baf3370e2dc5e6bd1368348736189457dab2a27

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 162d053e15fe985f754ef495a96eb3db970c43ed

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version <= 5.15.*

Version 5.15.86

Status unaffected

Version <= 6.0.*

Version 6.0.16

Status unaffected

Version <= 6.1.*

Version 6.1.2

Status unaffected

Version <= *

Version 6.2

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.047

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/50f993da945074b2a069da099a0331b23a0c89a0

https://git.kernel.org/stable/c/7fbcb635c8fc927d139f3302babcf1b42c09265c

https://git.kernel.org/stable/c/1baf3370e2dc5e6bd1368348736189457dab2a27

https://git.kernel.org/stable/c/162d053e15fe985f754ef495a96eb3db970c43ed

https://nvd.nist.gov/vuln/detail/CVE-2022-50293

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-50293

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-50293

EUVD