CVE-2022-50753

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.0.0-rc4

Description The Linux kernel contains a flaw within the f2fs file system related to sanity checks on summary information. This issue can lead to a use-after-free condition, specifically triggered by corrupted SSA tables where the ofs in node value exceeds the ADDRS PER PAGE limit, resulting in out-of-range access. The root cause lies in the recover data function, impacting recovery and garbage collection processes. The vulnerability is triggered in fuzzed images, affecting functions such as check index in prev nodes and f2fs data blkaddr.

Recommendations Update to a version later than 6.0.0-rc4.