CVE-2022-50766

EPSS 0.03%
Veröffentlicht 24.12.2025 13:05:56
Zuletzt bearbeitet 15.04.2026 00:35:42
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

btrfs: set generation before calling btrfs_clean_tree_block in btrfs_init_new_buffer

In the Linux kernel, the following vulnerability has been resolved:

btrfs: set generation before calling btrfs_clean_tree_block in btrfs_init_new_buffer

syzbot is reporting uninit-value in btrfs_clean_tree_block() [1], for
commit bc877d285ca3dba2 ("btrfs: Deduplicate extent_buffer init code")
missed that btrfs_set_header_generation() in btrfs_init_new_buffer() must
not be moved to after clean_tree_block() because clean_tree_block() is
calling btrfs_header_generation() since commit 55c69072d6bd5be1 ("Btrfs:
Fix extent_buffer usage when nodesize != leafsize").

Since memzero_extent_buffer() will reset "struct btrfs_header" part, we
can't move btrfs_set_header_generation() to before memzero_extent_buffer().
Just re-add btrfs_set_header_generation() before btrfs_clean_tree_block().

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 7

CNA 2 VulnDex Vulnerability Enrichment 8

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version bc877d285ca3dba24c52406946a4a69847cc7422

Version < 0a408c6212c16b9a2a1141d3c531247582ef8101

Status affected

Version bc877d285ca3dba24c52406946a4a69847cc7422

Version < a687c2890fe4a2acaac6941fa4097a1264d8f3eb

Status affected

Version bc877d285ca3dba24c52406946a4a69847cc7422

Version < 89bc41c92d10b905c60f6ec13c9ef664a3555c54

Status affected

Version bc877d285ca3dba24c52406946a4a69847cc7422

Version < cbddcc4fa3443fe8cfb2ff8e210deb1f6a0eea38

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 4.19

Status affected

Version 0

Version < 4.19

Status unaffected

Version <= 5.15.*

Version 5.15.75

Status unaffected

Version <= 5.19.*

Version 5.19.17

Status unaffected

Version <= 6.0.*

Version 6.0.3

Status unaffected

Version <= *

Version 6.1

Status unaffected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.099

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/0a408c6212c16b9a2a1141d3c531247582ef8101

https://git.kernel.org/stable/c/a687c2890fe4a2acaac6941fa4097a1264d8f3eb

https://git.kernel.org/stable/c/89bc41c92d10b905c60f6ec13c9ef664a3555c54

https://git.kernel.org/stable/c/cbddcc4fa3443fe8cfb2ff8e210deb1f6a0eea38

https://nvd.nist.gov/vuln/detail/CVE-2022-50766

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-50766

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-50766

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2022-50766