PT-2025-53113 · Unknown+1 · Hfs Module+1

Published

2022-12-11

Updated

2026-02-24

CVE-2022-50747

CVSS v2.0

1.4

Low

Vector

AV:A/AC:H/Au:S/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw within the hfs module, specifically in the hfs asc2mac() function. A Syzbot report identified an out-of-bounds write issue. This occurs when the input length (in->len) exceeds the maximum HFS filename length (HFS NAMELEN, which is 31). The issue arises because the destination buffer (dst) reaches its boundary while the source length (srclen) remains greater than zero, leading to a write beyond the allocated memory. The hfs asc2mac() function is involved in converting filenames. The hfs cat build key() and hfs lookup() functions are also implicated in the call trace.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

BDU:2026-01335

CVE-2022-50747

SUSE-SU-2026:0263-1

SUSE-SU-2026:0316-1

SUSE-SU-2026:0317-1

SUSE-SU-2026:0411-1

SUSE-SU-2026:0617-1

Affected Products

Linux Kernel

Hfs Module

PT-2025-53113 · Unknown+1 · Hfs Module+1

CVE-2022-50747

Weakness Enumeration

Related Identifiers

Affected Products

References · 1117