CVE-2022-50009

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.19.0-rc6-next-20220715

Description A null pointer dereference issue was found in the f2fs get dnode of data function. This issue occurs when testing f2fs atomic write, resulting in errors such as "Can't find valid F2FS filesystem in 2th superblock" and "invalid crc offset: 0". The problem arises from the introduction of a new atomic write way, which creates a cow inode for atomic write files and marks it as FI ATOMIC FILE. When f2fs do write data page writes to the cow inode, it uses the cow inode's cow inode, which is NULL, triggering a null pointer dereference.

Recommendations To solve this issue, introduce the FI COW FILE flag for COW inodes. For Linux kernel versions prior to 5.19.0-rc6-next-20220715, apply the fix introduced in commit 3db1de0e582c, which changes the current atomic write way.