PT-2025-43091 · Linux+1 · Linux Kernel+1
Published
2022-12-11
·
Updated
2025-12-04
·
CVE-2022-50581
CVSS v2.0
4.6
Medium
| Vector | AV:L/AC:L/Au:S/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.1.0-rc6-syzkaller-00308-g644e9524388a
Description
The Linux kernel contains a flaw within the HFS file system implementation. Specifically, a potential out-of-bounds read issue exists in the
hfs brec find function, triggered by an incorrect input inode to hfs write inode(). This occurs when the len field within the hfs name structure exceeds the maximum allowed HFS filename length (HFS NAMELEN, which is 31). The issue is ultimately caused by an out-of-bounds read in the hfs strcmp function during a comparison operation. The Syzbot fuzzer identified this condition.Recommendations
Update the Linux kernel to version 6.1.0-rc6-syzkaller-00308-g644e9524388a or a later version that includes the fix.
Exploit
Fix
Out of bounds Read
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Linux Kernel
Suse