CVE-2022-50344

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A null-pointer dereference issue was identified in the ext4 filesystem within the Linux kernel. The vulnerability occurs during the ext4 write info function, potentially triggered during filesystem unmounting (umount) and related operations like dquot writeback dquots, ext4 sync fs, and generic shutdown super. The root cause involves a null pointer being dereferenced when accessing the inode of the root directory (s root) after it has been set to NULL during the unmount process. The call trace indicates the issue originates from exit to user mode prepare and propagates through filesystem shutdown routines.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

ALSA-2025_16880

BDU:2026-04864

CESA-2024_3138

CVE-2022-50344

RHSA-2023:2458

RHSA-2023_2458

RHSA-2024:3138

RHSA-2024_3138

SUSE-SU-2025:03613-1

SUSE-SU-2025:03614-1

SUSE-SU-2025:03615-1

SUSE-SU-2025:03626-1

SUSE-SU-2025:03628-1

SUSE-SU-2025:3716-1

SUSE-SU-2025:3761-1

Affected Products

Astra Linux

Centos

Linux Kernel

Red Hat

Suse

Ext4

CVE-2022-50344

Weakness Enumeration

Related Identifiers

Affected Products

References · 1015