CVE-2022-49075

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability in the Linux kernel has been identified, specifically in the btrfs file system. The issue arises from an overflow in the qgroup reserve limit when using the fallocate function to allocate a large range, exceeding 4GiB. This occurs because the bytes changed variable is set as an unsigned int, which overflows when dealing with large allocations. As a result, the qgroup limit is broken. The problem is demonstrated by a test script that attempts to fallocate files larger than the set qgroup limit, showing that the limit is indeed exceeded.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.