CVE - CVE-2022-49363

CVE-ID
CVE-2022-49363	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on block address in f2fs_do_zero_range() As Yanming reported in bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=215894 I have encountered a bug in F2FS file system in kernel v5.17. I have uploaded the system call sequence as case.c, and a fuzzed image can be found in google net disk The kernel should enable CONFIG_KASAN=y and CONFIG_KASAN_INLINE=y. You can reproduce the bug by running the following commands: kernel BUG at fs/f2fs/segment.c:2291! Call Trace: f2fs_invalidate_blocks+0x193/0x2d0 f2fs_fallocate+0x2593/0x4a70 vfs_fallocate+0x2a5/0xac0 ksys_fallocate+0x35/0x70 __x64_sys_fallocate+0x8e/0xf0 do_syscall_64+0x3b/0x90 entry_SYSCALL_64_after_hwframe+0x44/0xae The root cause is, after image was fuzzed, block mapping info in inode will be inconsistent with SIT table, so in f2fs_fallocate(), it will cause panic when updating SIT with invalid blkaddr. Let's fix the issue by adding sanity check on block address before updating SIT table with it.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/25f8236213a91efdf708b9d77e9e51b6fc3e141c URL:https://git.kernel.org/stable/c/25f8236213a91efdf708b9d77e9e51b6fc3e141c MISC:https://git.kernel.org/stable/c/470493be19a5730ed432e3ac0f29a2ee7fc6c557 URL:https://git.kernel.org/stable/c/470493be19a5730ed432e3ac0f29a2ee7fc6c557 MISC:https://git.kernel.org/stable/c/7361c9f2bd6a8f0cbb41cdea9aff04765ff23f67 URL:https://git.kernel.org/stable/c/7361c9f2bd6a8f0cbb41cdea9aff04765ff23f67 MISC:https://git.kernel.org/stable/c/805b48b234a2803cb7daec7f158af12f0fbaefac URL:https://git.kernel.org/stable/c/805b48b234a2803cb7daec7f158af12f0fbaefac MISC:https://git.kernel.org/stable/c/a34d7b49894b0533222188a52e2958750f830efd URL:https://git.kernel.org/stable/c/a34d7b49894b0533222188a52e2958750f830efd MISC:https://git.kernel.org/stable/c/f2e1c38b5ac64eb1a16a89c52fb419409d12c25b URL:https://git.kernel.org/stable/c/f2e1c38b5ac64eb1a16a89c52fb419409d12c25b
Assigning CNA
kernel.org
Date Record Created
20250226	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20250226)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)