PT-2025-26052 · Linux+4 · Linux Kernel+4

Published

2022-07-15

Updated

2025-09-29

CVE-2022-50126

CVSS v2.0

6.0

Medium

Vector

AV:L/AC:H/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.19.0-rc6

Description A vulnerability in the Linux kernel has been resolved, which caused an assertion failure in the jbd2 journal dirty metadata() function when a journal was aborted. This issue occurred due to a race condition between the jbd2 journal commit transaction and jbd2 journal dirty metadata functions. The vulnerability can be triggered by a specific sequence of unlink operations, leading to a kernel bug. The estimated number of potentially affected devices is not specified.

Recommendations For Linux kernel versions prior to 5.19.0-rc6, update to a version that includes the fix for the jbd2 assertion failure. As a temporary workaround, consider disabling the jbd2 journal dirty metadata() function until a patch is available. Restrict access to the vulnerable jbd2 module to minimize the risk of exploitation.

Exploit

Fix

Assertion Failure

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-617CWE-120

Related Identifiers

ALSA-2025_16880

BDU:2026-03262

CESA-2024_3138

CVE-2022-50126

RHSA-2023:2458

RHSA-2023_2458

RHSA-2024:3138

RHSA-2024_3138

SUSE-SU-2025:02264-1

SUSE-SU-2025:02308-1

SUSE-SU-2025:02320-1

SUSE-SU-2025:02321-1

SUSE-SU-2025:02322-1

SUSE-SU-2025:02334-1

SUSE-SU-2025:02537-1

SUSE-SU-2025:2264-1

SUSE-SU-2025_02264-1

SUSE-SU-2025_02308-1

SUSE-SU-2025_02334-1

SUSE-SU-2025_02537-1

Affected Products

Astra Linux

Centos

Linux Kernel

Red Hat

Suse

PT-2025-26052 · Linux+4 · Linux Kernel+4

CVE-2022-50126

Weakness Enumeration

Related Identifiers

Affected Products

References · 748