PT-2025-8640 · Linux · Linux Kernel
Zhang Yi
Published: 2022-06-18
Updated: 2025-04-16
CVE-2022-49707
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to the fixed version
Description
A NULL pointer dereference has been identified in the Linux kernel's ext4 driver when a mounted, corrupt ext4 image that has the resize_inode feature disabled is resized. The issue can be reproduced by creating an ext4 filesystem, disabling the resize_inode feature, mounting the filesystem, and then resizing it. The root cause is that es->s_reserved_gdt_blocks is not reduced to zero when the resize_inode feature is cleared, so the resize path calls reserve_backup_gdb() with an uninitialized resize inode, and the kernel dereferences a NULL pointer.
Recommendations
For Linux kernel versions prior to the fixed version, apply the fix that adds a check in ext4_resize_begin() rejecting the resize when the resize_inode feature is disabled but es->s_reserved_gdt_blocks is non-zero. As a temporary workaround, avoid disabling the resize_inode feature when creating an ext4 filesystem, to reduce the risk of exploitation.
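As an added illustration (not the kernel's own code), the following C program applies the same consistency check the fix enforces, but in user space against a superblock image read before a resize: it flags an image whose resize_inode compat flag is cleared while s_reserved_gdt_blocks is still non-zero. The superblock offsets and the 0x0010 flag value are taken from the on-disk ext4 format; the superblocks it checks are constructed inline for the demonstration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* On-disk ext4 superblock fields used here (byte offsets inside the 1024-byte
 * superblock; all fields are little-endian). */
#define EXT4_SB_SIZE                     1024
#define EXT4_S_MAGIC_OFF                 0x38  /* __le16 s_magic */
#define EXT4_S_FEATURE_COMPAT_OFF        0x5C  /* __le32 s_feature_compat */
#define EXT4_S_RESERVED_GDT_OFF          0xCE  /* __le16 s_reserved_gdt_blocks */
#define EXT4_SUPER_MAGIC                 0xEF53
#define EXT4_FEATURE_COMPAT_RESIZE_INODE 0x0010
enum precheck { PRECHECK_OK = 0, PRECHECK_BAD_MAGIC = 1, PRECHECK_CORRUPT_GDT = 2 };
static uint16_t le16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t le32(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Same condition the kernel fix rejects in ext4_resize_begin(): resize_inode is
 * cleared, yet s_reserved_gdt_blocks was never reduced to zero. */
int ext4_resize_precheck(const uint8_t *sb, size_t len)
{
    if (len < EXT4_SB_SIZE || le16(sb + EXT4_S_MAGIC_OFF) != EXT4_SUPER_MAGIC)
        return PRECHECK_BAD_MAGIC;
    uint32_t compat = le32(sb + EXT4_S_FEATURE_COMPAT_OFF);
    uint16_t reserved = le16(sb + EXT4_S_RESERVED_GDT_OFF);
    if (!(compat & EXT4_FEATURE_COMPAT_RESIZE_INODE) && reserved != 0)
        return PRECHECK_CORRUPT_GDT;
    return PRECHECK_OK;
}

/* Constructed superblock (not a real image): only the three fields above are set. */
int precheck_case(int resize_inode, uint16_t reserved_gdt)
{
    uint8_t sb[EXT4_SB_SIZE];
    memset(sb, 0, sizeof sb);
    sb[EXT4_S_MAGIC_OFF] = 0x53; sb[EXT4_S_MAGIC_OFF + 1] = 0xEF;
    if (resize_inode) sb[EXT4_S_FEATURE_COMPAT_OFF] |= EXT4_FEATURE_COMPAT_RESIZE_INODE;
    sb[EXT4_S_RESERVED_GDT_OFF] = (uint8_t)(reserved_gdt & 0xFF);
    sb[EXT4_S_RESERVED_GDT_OFF + 1] = (uint8_t)(reserved_gdt >> 8);
    return ext4_resize_precheck(sb, sizeof sb);
}

int main(void)
{
    printf("resize_inode on,  256 reserved: %d\n", precheck_case(1, 256)); /* 0 */
    printf("resize_inode off, 256 reserved: %d\n", precheck_case(0, 256)); /* 2 */
    return 0;
}
```

The second case is exactly the state the advisory describes (feature cleared, reserved GDT count left behind); a real image would be read from its superblock at byte offset 1024 of the device.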
Weakness Enumeration
NULL Pointer Dereference
Affected Products
Astra Linux
Centos
Linux Kernel
Red Hat
Suse