CVE-2022-49739
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-49739
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49739.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-49739
- Downstream
- Related
- Published
- 2025-03-27T17:15:38Z
- Modified
- 2025-08-09T20:01:25Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
gfs2: Always check inode size of inline inodes
Check if the inode size of stuffed (inline) inodes is within the allowed range when reading inodes from disk (gfs2dinodein()). This prevents us from on-disk corruption.
The two checks in stuffedreadpage() and gfs2unstuffer_page() that just truncate inline data to the maximum allowed size don't actually make sense, and they can be removed now as well.
- References
-
- https://git.kernel.org/stable/c/45df749f827c286adbc951f2a4865b67f0442ba9
- https://git.kernel.org/stable/c/46c9088cabd4d0469fdb61ac2a9c5003057fe94d
- https://git.kernel.org/stable/c/4d4cb76636134bf9a0c9c3432dae936f99954586
- https://git.kernel.org/stable/c/70376c7ff31221f1d21db5611d8209e677781d3a
- https://git.kernel.org/stable/c/7c414f6f06e9a3934901b6edc3177ae5a1e07094
- https://git.kernel.org/stable/c/d458a0984429c2d47e60254f5bc4119cbafe83a2