CVE-2022-49428

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability in the Linux kernel has been identified, which can cause a kernel panic. The issue arises when the inline dots flag is set in a special file, such as a character, block, FIFO, or socket file, and the f2fs filesystem attempts to recover dot dentries. This can lead to a NULL pointer access when f2fs add regular entry() calls a ops->set dirty page(). The vulnerability can be triggered by creating a directory, mounting a fuzzed image, and listing the directory contents.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.