CVE-2022-50755

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw within the UDF filesystem implementation. Specifically, a double ‘brelse’ call occurs in the udf rename() function. This happens when udf find entry() returns NULL, leading to an unbalanced buffer head count. The issue was identified through syzbot reporting a warning: 'VFS: brelse: Trying to free free buffer'. The root cause is that brelse() is called on both ofibh.sbh and ofibh.ebh by udf find entry() when it returns NULL, and then again by udf rename(). The provided patch resolves this by preventing udf rename() from calling brelse() when udf find entry() returns NULL.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.