CVE-2022-50021

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.19.0-rc6+

Description A vulnerability in the Linux kernel has been identified where the block range is not properly validated before use in ext4 mb clear bb(), potentially leading to issues on corrupted file systems. This can cause a kernel bug, as seen in a case found by syzkaller, resulting in a crash. The vulnerability is related to the ext4 file system, specifically when using bigalloc.

Recommendations For Linux kernel versions prior to 5.19.0-rc6+, update to a version that includes the fix for the block range validation issue in ext4 mb clear bb(). As a temporary workaround, consider disabling the use of bigalloc on ext4 file systems until a patch is available. Restrict access to the ext4 free blocks() and ext4 mb clear bb() functions to minimize the risk of exploitation. Avoid using the affected ext4 file system features until the issue is resolved.