CVE-2022-49347

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.18.0-rc2-next-20220413+ #155

Description A bug in the Linux kernel has been resolved, specifically in the ext4 file system. The issue occurs when writing inline data to an inode, which can lead to an inconsistent state and cause a kernel bug. This happens when the inline data size is too small, and a block is allocated to write, resulting in a dirty page. The root cause is the destruction of inline data until the call to ext4 writepages under delay allocation mode, but there may already be a conversion from inline to extent. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was exploited.

Recommendations To resolve this issue, update the Linux kernel to a version that includes the fix for the ext4 file system bug. As a temporary workaround, consider disabling the delay allocation mode until a patch is available. Restrict access to the ext4 file system to minimize the risk of exploitation. Avoid using the ext4 writepages function until the issue is resolved.