CVE-2022-49409

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A bug in the Linux kernel's ext4 file system has been identified, which can cause a system panic due to an incorrect check for overlapping extents. The issue occurs when the ext4 valid extent entries function fails to return an error even if the logical block number (lblock) of an extent is less than or equal to the previous extent's logical block number. This can lead to a BUG ON condition in the es tree search function, resulting in a system crash. The problem can happen when the ext4 fill super function is called, which enables quotas and checks for valid extent entries.

Recommendations To resolve this issue, ensure that the lblock of the first extent is not less than 0, and the lblock of the next extent is not less than the next block of the previous extent. As a temporary workaround, consider disabling the quota functionality until a patch is available. However, since the provided information does not specify the exact versions affected or the fixed version, it is essential to consult the Linux kernel documentation for the latest updates and patches. At the moment, there is no information about a newer version that contains a fix for this vulnerability.