CVE-2022-49147
- Source
- https://cve.org/CVERecord?id=CVE-2022-49147
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49147.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-49147
- Downstream
- Related
- Published
- 2025-02-26T01:55:15.373Z
- Modified
- 2026-03-20T12:22:12.985914Z
- Summary
- block: Fix the maximum minor value is blk_alloc_ext_minor()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
block: Fix the maximum minor value is blkallocext_minor()
idaallocrange(..., min, max, ...) returns values from min to max, inclusive.
So, NREXTDEVT is a valid idx returned by blkallocext_minor().
This is an issue because in deviceadddisk(), this value is used in: ddev->devt = MKDEV(disk->major, disk->firstminor); and NREXT_DEVT is '(1 << MINORBITS)'.
So, should 'disk->firstminor' be NREXT_DEVT, it would overflow.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49147.json" }- References
-
- https://git.kernel.org/stable/c/0f8cf8f5ccbad25ed6828875b222dbab29d5c272
- https://git.kernel.org/stable/c/5b9ac3727e4abb11c9cfbe9c0781fc05dfdd7cfb
- https://git.kernel.org/stable/c/d1868328dec5ae2cf210111025fcbc71f78dd5ca
- https://git.kernel.org/stable/c/fbe2cc4525480ddd20c866bb5c0578071e01451a
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49147.json
- https://nvd.nist.gov/vuln/detail/CVE-2022-49147
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced22ae8ce8b89241c94ac00c237752c0ffa37ba5aeFixed5b9ac3727e4abb11c9cfbe9c0781fc05dfdd7cfbFixed0f8cf8f5ccbad25ed6828875b222dbab29d5c272Fixedfbe2cc4525480ddd20c866bb5c0578071e01451aFixedd1868328dec5ae2cf210111025fcbc71f78dd5ca