-

CVE-2022-50747

EPSS 0.06%
Veröffentlicht 24.12.2025 13:05:43
Zuletzt bearbeitet 15.04.2026 00:35:42
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

hfs: Fix OOB Write in hfs_asc2mac

In the Linux kernel, the following vulnerability has been resolved:

hfs: Fix OOB Write in hfs_asc2mac

Syzbot reported a OOB Write bug:

loop0: detected capacity change from 0 to 64
==================================================================
BUG: KASAN: slab-out-of-bounds in hfs_asc2mac+0x467/0x9a0
fs/hfs/trans.c:133
Write of size 1 at addr ffff88801848314e by task syz-executor391/3632

Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x1b1/0x28e lib/dump_stack.c:106
 print_address_description+0x74/0x340 mm/kasan/report.c:284
 print_report+0x107/0x1f0 mm/kasan/report.c:395
 kasan_report+0xcd/0x100 mm/kasan/report.c:495
 hfs_asc2mac+0x467/0x9a0 fs/hfs/trans.c:133
 hfs_cat_build_key+0x92/0x170 fs/hfs/catalog.c:28
 hfs_lookup+0x1ab/0x2c0 fs/hfs/dir.c:31
 lookup_open fs/namei.c:3391 [inline]
 open_last_lookups fs/namei.c:3481 [inline]
 path_openat+0x10e6/0x2df0 fs/namei.c:3710
 do_filp_open+0x264/0x4f0 fs/namei.c:3740

If in->len is much larger than HFS_NAMELEN(31) which is the maximum
length of an HFS filename, a OOB write could occur in hfs_asc2mac(). In
that case, when the dst reaches the boundary, the srclen is still
greater than 0, which causes a OOB write.
Fix this by adding a check on dstlen in while() before writing to dst
address.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 12

CNA 2 VulnDex Vulnerability Enrichment 11

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version 328b9227865026268261a24a97a578907b280415

Version < 8399318b13dc9e0569dee07ba2994098926d4fb2

Status affected

Version 328b9227865026268261a24a97a578907b280415

Version < 95040de81c629cd8d3c6ab5b50a8bd5088068303

Status affected

Version 328b9227865026268261a24a97a578907b280415

Version < ba8f0ca386dd15acf5a93cbac932392c7818eab4

Status affected

Version 328b9227865026268261a24a97a578907b280415

Version < 6a95b17e4d4cd2d8278559f930b447f8c9c8cff9

Status affected

Version 328b9227865026268261a24a97a578907b280415

Version < cff9fefdfbf5744afbb6d70bff2b49ec2065d23d

Status affected

Version 328b9227865026268261a24a97a578907b280415

Version < 7af9cb8cbb81308ce4b06cc7164267faccbf75dd

Status affected

Version 328b9227865026268261a24a97a578907b280415

Version < ae21b03f904736eb2aa9bd119d2a14e741f1681f

Status affected

Version 328b9227865026268261a24a97a578907b280415

Version < 88579c158e026860c61c4192531e8bc42f4bc642

Status affected

Version 328b9227865026268261a24a97a578907b280415

Version < c53ed55cb275344086e32a7080a6b19cb183650b

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 2.6.14

Status affected

Version 0

Version < 2.6.14

Status unaffected

Version <= 4.9.*

Version 4.9.337

Status unaffected

Version <= 4.14.*

Version 4.14.303

Status unaffected

Version <= 4.19.*

Version 4.19.270

Status unaffected

Version <= 5.4.*

Version 5.4.229

Status unaffected

Version <= 5.10.*

Version 5.10.163

Status unaffected

Version <= 5.15.*

Version 5.15.86

Status unaffected

Version <= 6.0.*

Version 6.0.16

Status unaffected

Version <= 6.1.*

Version 6.1.2

Status unaffected

Version <= *

Version 6.2

Status unaffected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.196

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/8399318b13dc9e0569dee07ba2994098926d4fb2

https://git.kernel.org/stable/c/95040de81c629cd8d3c6ab5b50a8bd5088068303

https://git.kernel.org/stable/c/ba8f0ca386dd15acf5a93cbac932392c7818eab4

https://git.kernel.org/stable/c/6a95b17e4d4cd2d8278559f930b447f8c9c8cff9

https://git.kernel.org/stable/c/cff9fefdfbf5744afbb6d70bff2b49ec2065d23d

https://git.kernel.org/stable/c/7af9cb8cbb81308ce4b06cc7164267faccbf75dd

https://git.kernel.org/stable/c/ae21b03f904736eb2aa9bd119d2a14e741f1681f

https://git.kernel.org/stable/c/88579c158e026860c61c4192531e8bc42f4bc642

https://git.kernel.org/stable/c/c53ed55cb275344086e32a7080a6b19cb183650b

https://nvd.nist.gov/vuln/detail/CVE-2022-50747

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-50747

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-50747

EUVD