CVE - CVE-2022-49166

CVE-ID
CVE-2022-49166	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: ntfs: add sanity check on allocation size ntfs_read_inode_mount invokes ntfs_malloc_nofs with zero allocation size. It triggers one BUG in the __ntfs_malloc function. Fix this by adding sanity check on ni->attr_list_size.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/07793d2e55563124108762f4e5f811db92ffe02f URL:https://git.kernel.org/stable/c/07793d2e55563124108762f4e5f811db92ffe02f MISC:https://git.kernel.org/stable/c/115fae2c1566eacc5ad2055f72521354612e72c3 URL:https://git.kernel.org/stable/c/115fae2c1566eacc5ad2055f72521354612e72c3 MISC:https://git.kernel.org/stable/c/21d490232f323ed4053eb9924615e6fea291f154 URL:https://git.kernel.org/stable/c/21d490232f323ed4053eb9924615e6fea291f154 MISC:https://git.kernel.org/stable/c/24ab2d4ef52c2dbb62a60844b87fc8872383407a URL:https://git.kernel.org/stable/c/24ab2d4ef52c2dbb62a60844b87fc8872383407a MISC:https://git.kernel.org/stable/c/714fbf2647b1a33d914edd695d4da92029c7e7c0 URL:https://git.kernel.org/stable/c/714fbf2647b1a33d914edd695d4da92029c7e7c0 MISC:https://git.kernel.org/stable/c/b230f2d9441a34c7f483d39ab78519bcf73cc2e0 URL:https://git.kernel.org/stable/c/b230f2d9441a34c7f483d39ab78519bcf73cc2e0 MISC:https://git.kernel.org/stable/c/bd8d7daa0e53b184a2f3c6e0d47330780d0a0650 URL:https://git.kernel.org/stable/c/bd8d7daa0e53b184a2f3c6e0d47330780d0a0650 MISC:https://git.kernel.org/stable/c/c641087d381a08363e5f14179bc6b0a23eca7c47 URL:https://git.kernel.org/stable/c/c641087d381a08363e5f14179bc6b0a23eca7c47 MISC:https://git.kernel.org/stable/c/fe41ad8be036a3de3e4bdde709551aeb4de2fe7d URL:https://git.kernel.org/stable/c/fe41ad8be036a3de3e4bdde709551aeb4de2fe7d
Assigning CNA
kernel.org
Date Record Created
20250226	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20250226)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)

Use of the CVE® List and the associated references from this website are subject to the terms of use. CVE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Copyright © 1999–2025, The MITRE Corporation. CVE and the CVE logo are registered trademarks of The MITRE Corporation.