5.5
CVE-2022-50436
- EPSS 0.1%
- Veröffentlicht 01.10.2025 12:15:35
- Zuletzt bearbeitet 21.01.2026 21:38:15
- CVE-Watchlists
- Unerledigt
ext4: don't set up encryption key during jbd2 transaction
In the Linux kernel, the following vulnerability has been resolved:
ext4: don't set up encryption key during jbd2 transaction
Commit a80f7fcf1867 ("ext4: fixup ext4_fc_track_* functions' signature")
extended the scope of the transaction in ext4_unlink() too far, making
it include the call to ext4_find_entry(). However, ext4_find_entry()
can deadlock when called from within a transaction because it may need
to set up the directory's encryption key.
Fix this by restoring the transaction to its original scope.Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 5.10.1 < 5.10.163
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.87
Linux ≫ Linux Kernel Version >= 5.16 < 6.0.18
Linux ≫ Linux Kernel Version >= 6.1 < 6.1.4
Linux ≫ Linux Kernel Version5.10 Update-
Linux ≫ Linux Kernel Version5.10 Updaterc4
Linux ≫ Linux Kernel Version5.10 Updaterc5
Linux ≫ Linux Kernel Version5.10 Updaterc6
Linux ≫ Linux Kernel Version5.10 Updaterc7
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.1% | 0.008 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
https://git.kernel.org/stable/c/1ba993208bcfd691e241483420a2a761d3f15750
https://git.kernel.org/stable/c/206dd3acfb9bca54a25b228c7c7c2257eedde09b
https://git.kernel.org/stable/c/23ad034760dd38e12b0e0e1b28b9629f330810a1
https://git.kernel.org/stable/c/4c0d5778385cb3618ff26a561ce41de2b7d9de70
https://git.kernel.org/stable/c/6220ec405571ded17efedc56587190b542adf246