CVE-2022-50306

Name of the Vulnerable Software and Affected Versions linux (affected versions not specified)

Description The Linux kernel contains a flaw within the ext4 filesystem code. A potential out-of-bounds read can occur in the ext4 fc replay scan() function during journal scanning when mounting a corrupted filesystem image. This is due to insufficient space checks within the scan loop, specifically when handling ADD RANGE, HEAD, and TAIL tags, which read data during the scan process. The tag length must be greater than or equal to the data length being read to prevent the out-of-bounds read.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.