CVE-2022-50442

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.0.0-rc6

Description The Linux kernel contains a flaw in the NTFS3 implementation related to buffer length validation during index parsing. Specifically, the indx read function lacks proper bounds checking when processing index buffers, potentially leading to out-of-bounds memory access. This issue occurs during NTFS directory operations that require additional information from index buffers. A kernel crash report indicates a KASAN (Kernel Address Sanitizer) detection of a slab-out-of-bounds read. The vulnerability is triggered during file system operations, potentially impacting system stability and security.

Recommendations Update to a version newer than 6.0.0-rc6.