CVE-2022-50367

HIGH 7.8

fs: fix UAF/GPF bug in nilfs_mdt_destroy

CVSS Score

7.8

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: fs: fix UAF/GPF bug in nilfs_mdt_destroy In alloc_inode, inode_init_always() could return -ENOMEM if security_inode_alloc() fails, which causes inode->i_private uninitialized. Then nilfs_is_metadata_file_inode() returns true and nilfs_free_inode() wrongly calls nilfs_mdt_destroy(), which frees the uninitialized inode->i_private and leads to crashes(e.g., UAF/GPF). Fix this by moving security_inode_alloc just prior to this_cpu_inc(nr_inodes)

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Sep 17, 2025
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new high vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < d1ff475d7c83289d0a7faef346ea3bbf90818bad 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < c0aa76b0f17f59dd9c9d3463550a2986a1d592e4 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < ec2aab115eb38ac4992ea2fcc2a02fbe7af5cf48 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 70e4f70d54e0225f91814e8610477d65f33cefe4 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 1e555c3ed1fce4b278aaebe18a64a934cece57d8 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 64b79e632869ad3ef6c098a4731d559381da1115 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 81de80330fa6907aec32eb54c5619059e6e36452 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 2a96b532098284ecf8e4849b8b9e5fc7a28bdee9 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 2e488f13755ffbb60f307e991b27024716a33b29

Linux / Linux

2.6.12

References

NVD ↗ CVE.org ↗ EPSS Data ↗