PT-2025-8641 · Linux+4 · Linux Kernel+4

Hulk Robot · Published 2022-06-18 · Updated 2025-04-16 · CVE-2022-49708

CVSS v3.1: 5.5 Medium

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: A bug has been identified in the Linux kernel, specifically in the ext4 file system. The issue occurs when the ext4_mb_use_inode_pa function is called, leading to a BUG_ON error at fs/ext4/mballoc.c:3211. The error is reached through a sequence of kernel calls, including do_fsync, vfs_fsync_range, ext4_sync_file, and ext4_writepages. The problem can be reproduced using the fallocate, mkfs.ext4, mount, and fsstress commands. The issue is related to the calculation of disk space usage and can occur when the size of an allocation is truncated.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Allocation of Resources Without Limits

Assertion Failure

Weakness Enumeration

Related Identifiers

BDU:2026-03708
CESA-2022_7683
CVE-2022-49708
OPENSUSE-SU-2025_1263-1
RHSA-2022:7683
RHSA-2022:8267
RHSA-2022_7683
RHSA-2022_8267
SUSE-SU-2025:1027-1
SUSE-SU-2025:1176-1
SUSE-SU-2025:1183-1
SUSE-SU-2025:1194-1
SUSE-SU-2025:1241-1
SUSE-SU-2025:1263-1
SUSE-SU-2025:1293-1
SUSE-SU-2025_1027-1
SUSE-SU-2025_1241-1
SUSE-SU-2025_1263-1
SUSE-SU-2025_1293-1

Affected Products

Astra Linux
Centos
Linux Kernel
Red Hat
Suse