CVE - CVE-2022-50083

CVE-ID
CVE-2022-50083	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h When adding an xattr to an inode, we must ensure that the inode_size is not less than EXT4_GOOD_OLD_INODE_SIZE + extra_isize + pad. Otherwise, the end position may be greater than the start position, resulting in UAF.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/0e69cf833161b29b2e25dcbf2f2b4e70d75b15cf URL:https://git.kernel.org/stable/c/0e69cf833161b29b2e25dcbf2f2b4e70d75b15cf MISC:https://git.kernel.org/stable/c/179b14152dcb6a24c3415200603aebca70ff13af URL:https://git.kernel.org/stable/c/179b14152dcb6a24c3415200603aebca70ff13af MISC:https://git.kernel.org/stable/c/214c68423fd632646c68f3ec8b3c2602cf8273f3 URL:https://git.kernel.org/stable/c/214c68423fd632646c68f3ec8b3c2602cf8273f3 MISC:https://git.kernel.org/stable/c/2da44a2927a71bff2bc66cefa8cfbd2ace702536 URL:https://git.kernel.org/stable/c/2da44a2927a71bff2bc66cefa8cfbd2ace702536 MISC:https://git.kernel.org/stable/c/37d82aa78346866552d573e8badc0aa8db8f1eea URL:https://git.kernel.org/stable/c/37d82aa78346866552d573e8badc0aa8db8f1eea MISC:https://git.kernel.org/stable/c/4cdc284ffadd6a989f24107ee7f09be43b748fbb URL:https://git.kernel.org/stable/c/4cdc284ffadd6a989f24107ee7f09be43b748fbb MISC:https://git.kernel.org/stable/c/748d17d47687e178f8e38938447fa4636c071c41 URL:https://git.kernel.org/stable/c/748d17d47687e178f8e38938447fa4636c071c41 MISC:https://git.kernel.org/stable/c/e6321fda51e5b4dd7ec295afb84cbf63c2634c7b URL:https://git.kernel.org/stable/c/e6321fda51e5b4dd7ec295afb84cbf63c2634c7b MISC:https://git.kernel.org/stable/c/f217b1ccb178475192e6a516fab7230f51ddae94 URL:https://git.kernel.org/stable/c/f217b1ccb178475192e6a516fab7230f51ddae94
Assigning CNA
kernel.org
Date Record Created
20250618	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20250618)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)

Use of the CVE™ List and the associated references from this website are subject to the terms of use. CVE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Copyright © 1999–2025, The MITRE Corporation. CVE is a trademark and the CVE logo is a registered trademark of The MITRE Corporation.