CVE-2022-50766

EPSS 0.03%
Veröffentlicht 24.12.2025 13:05:56
Zuletzt bearbeitet 29.12.2025 15:58:34
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

btrfs: set generation before calling btrfs_clean_tree_block in btrfs_init_new_buffer

syzbot is reporting uninit-value in btrfs_clean_tree_block() [1], for
commit bc877d285ca3dba2 ("btrfs: Deduplicate extent_buffer init code")
missed that btrfs_set_header_generation() in btrfs_init_new_buffer() must
not be moved to after clean_tree_block() because clean_tree_block() is
calling btrfs_header_generation() since commit 55c69072d6bd5be1 ("Btrfs:
Fix extent_buffer usage when nodesize != leafsize").

Since memzero_extent_buffer() will reset "struct btrfs_header" part, we
can't move btrfs_set_header_generation() to before memzero_extent_buffer().
Just re-add btrfs_set_header_generation() before btrfs_clean_tree_block().

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 7

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 0a408c6212c16b9a2a1141d3c531247582ef8101

Version bc877d285ca3dba24c52406946a4a69847cc7422

Status affected

Version < a687c2890fe4a2acaac6941fa4097a1264d8f3eb

Version bc877d285ca3dba24c52406946a4a69847cc7422

Status affected

Version < 89bc41c92d10b905c60f6ec13c9ef664a3555c54

Version bc877d285ca3dba24c52406946a4a69847cc7422

Status affected

Version < cbddcc4fa3443fe8cfb2ff8e210deb1f6a0eea38

Version bc877d285ca3dba24c52406946a4a69847cc7422

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 4.19

Status affected

Version < 4.19

Version 0

Status unaffected

Version <= 5.15.*

Version 5.15.75

Status unaffected

Version <= 5.19.*

Version 5.19.17

Status unaffected

Version <= 6.0.*

Version 6.0.3

Status unaffected

Version <= *

Version 6.1

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.064

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/0a408c6212c16b9a2a1141d3c531247582ef8101

https://git.kernel.org/stable/c/a687c2890fe4a2acaac6941fa4097a1264d8f3eb

https://git.kernel.org/stable/c/89bc41c92d10b905c60f6ec13c9ef664a3555c54

https://git.kernel.org/stable/c/cbddcc4fa3443fe8cfb2ff8e210deb1f6a0eea38

https://nvd.nist.gov/vuln/detail/CVE-2022-50766

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-50766

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-50766

EUVD