In the Linux kernel, the following vulnerability has been resolved:
gfs2: Always check inode size of inline inodes
Check if the inode size of stuffed (inline) inodes is within the allowed range when reading inodes from disk (gfs2_dinode_in()). This protects us against on-disk corruption.
The two checks in stuffed_readpage() and gfs2_unstuffer_page() that just truncate inline data to the maximum allowed size don't actually make sense, and they can be removed now as well.
{ "vanir_signatures": [ { "digest": { "line_hashes": [ "249122232144619588775345555719924829748", "124731376586809029293348923232960229243", "217995189387011881420605209223720976260", "152222110946698530549791288997723827958", "96092304969312085299519192859323721180" ], "threshold": 0.9 }, "id": "CVE-2022-49739-01ba982e", "signature_version": "v1", "deprecated": false, "signature_type": "Line", "target": { "file": "fs/gfs2/bmap.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@46c9088cabd4d0469fdb61ac2a9c5003057fe94d" }, { "digest": { "line_hashes": [ "248438618760497057348605046801297031855", "78424512661461743737002192115712987696", "264826086561098505273028660104513728111" ], "threshold": 0.9 }, "id": "CVE-2022-49739-0218809c", "signature_version": "v1", "deprecated": false, "signature_type": "Line", "target": { "file": "fs/gfs2/glops.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@70376c7ff31221f1d21db5611d8209e677781d3a" }, { "digest": { "length": 2085.0, "function_hash": "200622412059207154962641388874502774430" }, "id": "CVE-2022-49739-140d83dc", "signature_version": "v1", "deprecated": false, "signature_type": "Function", "target": { "function": "gfs2_dinode_in", "file": "fs/gfs2/glops.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@45df749f827c286adbc951f2a4865b67f0442ba9" }, { "digest": { "length": 2008.0, "function_hash": "172995463689269966612956230528579770987" }, "id": "CVE-2022-49739-15617ebd", "signature_version": "v1", "deprecated": false, "signature_type": "Function", "target": { "function": "gfs2_dinode_in", "file": "fs/gfs2/glops.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d458a0984429c2d47e60254f5bc4119cbafe83a2" }, { "digest": { "length": 589.0, "function_hash": "164570473908427231102784623992284357249" }, "id": "CVE-2022-49739-25988c8a", "signature_version": "v1", "deprecated": false, "signature_type": 
"Function", "target": { "function": "stuffed_readpage", "file": "fs/gfs2/aops.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@45df749f827c286adbc951f2a4865b67f0442ba9" }, { "digest": { "line_hashes": [ "248438618760497057348605046801297031855", "78424512661461743737002192115712987696", "264826086561098505273028660104513728111" ], "threshold": 0.9 }, "id": "CVE-2022-49739-2f235f9f", "signature_version": "v1", "deprecated": false, "signature_type": "Line", "target": { "file": "fs/gfs2/glops.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@46c9088cabd4d0469fdb61ac2a9c5003057fe94d" }, { "digest": { "length": 996.0, "function_hash": "305261699260289221873767917929654890363" }, "id": "CVE-2022-49739-378310d2", "signature_version": "v1", "deprecated": false, "signature_type": "Function", "target": { "function": "gfs2_unstuffer_page", "file": "fs/gfs2/bmap.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4d4cb76636134bf9a0c9c3432dae936f99954586" }, { "digest": { "line_hashes": [ "99937971126275935110041118373557133386", "143157390962296026748349672830696391302", "219410780040907472526363357765760232264" ], "threshold": 0.9 }, "id": "CVE-2022-49739-3f203654", "signature_version": "v1", "deprecated": false, "signature_type": "Line", "target": { "file": "fs/gfs2/glops.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4d4cb76636134bf9a0c9c3432dae936f99954586" }, { "digest": { "line_hashes": [ "221053181202543078825082852061331226869", "134283612357477100253748447041537845019", "100508699619809290568985700004145234213", "152222110946698530549791288997723827958", "146094350008227931336454550798693143749" ], "threshold": 0.9 }, "id": "CVE-2022-49739-48517234", "signature_version": "v1", "deprecated": false, "signature_type": "Line", "target": { "file": "fs/gfs2/aops.c" }, "source": 
"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7c414f6f06e9a3934901b6edc3177ae5a1e07094" }, { "digest": { "line_hashes": [ "221053181202543078825082852061331226869", "134283612357477100253748447041537845019", "100508699619809290568985700004145234213", "152222110946698530549791288997723827958", "146094350008227931336454550798693143749" ], "threshold": 0.9 }, "id": "CVE-2022-49739-57f2dab8", "signature_version": "v1", "deprecated": false, "signature_type": "Line", "target": { "file": "fs/gfs2/aops.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@70376c7ff31221f1d21db5611d8209e677781d3a" }, { "digest": { "length": 794.0, "function_hash": "23223242489000556993371975453157272998" }, "id": "CVE-2022-49739-59076d54", "signature_version": "v1", "deprecated": false, "signature_type": "Function", "target": { "function": "gfs2_unstuffer_page", "file": "fs/gfs2/bmap.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@70376c7ff31221f1d21db5611d8209e677781d3a" }, { "digest": { "length": 1002.0, "function_hash": "329003482783203201450908145243244925391" }, "id": "CVE-2022-49739-6b9f8c23", "signature_version": "v1", "deprecated": false, "signature_type": "Function", "target": { "function": "gfs2_unstuffer_page", "file": "fs/gfs2/bmap.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7c414f6f06e9a3934901b6edc3177ae5a1e07094" }, { "digest": { "line_hashes": [ "248438618760497057348605046801297031855", "78424512661461743737002192115712987696", "264826086561098505273028660104513728111" ], "threshold": 0.9 }, "id": "CVE-2022-49739-6fc631ba", "signature_version": "v1", "deprecated": false, "signature_type": "Line", "target": { "file": "fs/gfs2/glops.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d458a0984429c2d47e60254f5bc4119cbafe83a2" }, { "digest": { "length": 2008.0, "function_hash": "172995463689269966612956230528579770987" }, "id": 
"CVE-2022-49739-7045b925", "signature_version": "v1", "deprecated": false, "signature_type": "Function", "target": { "function": "gfs2_dinode_in", "file": "fs/gfs2/glops.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@46c9088cabd4d0469fdb61ac2a9c5003057fe94d" }, { "digest": { "length": 596.0, "function_hash": "142604662389494264597372549358334014250" }, "id": "CVE-2022-49739-7166b13c", "signature_version": "v1", "deprecated": false, "signature_type": "Function", "target": { "function": "stuffed_readpage", "file": "fs/gfs2/aops.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@70376c7ff31221f1d21db5611d8209e677781d3a" }, { "digest": { "line_hashes": [ "249122232144619588775345555719924829748", "124731376586809029293348923232960229243", "217995189387011881420605209223720976260", "152222110946698530549791288997723827958", "96092304969312085299519192859323721180" ], "threshold": 0.9 }, "id": "CVE-2022-49739-760a69f6", "signature_version": "v1", "deprecated": false, "signature_type": "Line", "target": { "file": "fs/gfs2/bmap.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7c414f6f06e9a3934901b6edc3177ae5a1e07094" }, { "digest": { "line_hashes": [ "221053181202543078825082852061331226869", "134283612357477100253748447041537845019", "100508699619809290568985700004145234213", "152222110946698530549791288997723827958", "146094350008227931336454550798693143749" ], "threshold": 0.9 }, "id": "CVE-2022-49739-76f6fc2e", "signature_version": "v1", "deprecated": false, "signature_type": "Line", "target": { "file": "fs/gfs2/aops.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@46c9088cabd4d0469fdb61ac2a9c5003057fe94d" }, { "digest": { "length": 596.0, "function_hash": "142604662389494264597372549358334014250" }, "id": "CVE-2022-49739-7abf1ce5", "signature_version": "v1", "deprecated": false, "signature_type": "Function", "target": { "function": 
"stuffed_readpage", "file": "fs/gfs2/aops.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7c414f6f06e9a3934901b6edc3177ae5a1e07094" }, { "digest": { "line_hashes": [ "99937971126275935110041118373557133386", "143157390962296026748349672830696391302", "219410780040907472526363357765760232264" ], "threshold": 0.9 }, "id": "CVE-2022-49739-7f13c885", "signature_version": "v1", "deprecated": false, "signature_type": "Line", "target": { "file": "fs/gfs2/glops.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@45df749f827c286adbc951f2a4865b67f0442ba9" }, { "digest": { "length": 596.0, "function_hash": "142604662389494264597372549358334014250" }, "id": "CVE-2022-49739-86adb9bd", "signature_version": "v1", "deprecated": false, "signature_type": "Function", "target": { "function": "stuffed_readpage", "file": "fs/gfs2/aops.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@46c9088cabd4d0469fdb61ac2a9c5003057fe94d" }, { "digest": { "length": 2085.0, "function_hash": "200622412059207154962641388874502774430" }, "id": "CVE-2022-49739-9e67ca41", "signature_version": "v1", "deprecated": false, "signature_type": "Function", "target": { "function": "gfs2_dinode_in", "file": "fs/gfs2/glops.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4d4cb76636134bf9a0c9c3432dae936f99954586" }, { "digest": { "length": 596.0, "function_hash": "142604662389494264597372549358334014250" }, "id": "CVE-2022-49739-a0350938", "signature_version": "v1", "deprecated": false, "signature_type": "Function", "target": { "function": "stuffed_readpage", "file": "fs/gfs2/aops.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4d4cb76636134bf9a0c9c3432dae936f99954586" }, { "digest": { "line_hashes": [ "99937971126275935110041118373557133386", "143157390962296026748349672830696391302", "219410780040907472526363357765760232264" ], "threshold": 0.9 }, "id": 
"CVE-2022-49739-a29b47db", "signature_version": "v1", "deprecated": false, "signature_type": "Line", "target": { "file": "fs/gfs2/glops.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7c414f6f06e9a3934901b6edc3177ae5a1e07094" }, { "digest": { "length": 596.0, "function_hash": "142604662389494264597372549358334014250" }, "id": "CVE-2022-49739-a2ad30f2", "signature_version": "v1", "deprecated": false, "signature_type": "Function", "target": { "function": "stuffed_readpage", "file": "fs/gfs2/aops.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d458a0984429c2d47e60254f5bc4119cbafe83a2" }, { "digest": { "line_hashes": [ "221053181202543078825082852061331226869", "134283612357477100253748447041537845019", "100508699619809290568985700004145234213", "152222110946698530549791288997723827958", "146094350008227931336454550798693143749" ], "threshold": 0.9 }, "id": "CVE-2022-49739-a5507c59", "signature_version": "v1", "deprecated": false, "signature_type": "Line", "target": { "file": "fs/gfs2/aops.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@45df749f827c286adbc951f2a4865b67f0442ba9" }, { "digest": { "line_hashes": [ "221053181202543078825082852061331226869", "134283612357477100253748447041537845019", "100508699619809290568985700004145234213", "152222110946698530549791288997723827958", "146094350008227931336454550798693143749" ], "threshold": 0.9 }, "id": "CVE-2022-49739-b015837f", "signature_version": "v1", "deprecated": false, "signature_type": "Line", "target": { "file": "fs/gfs2/aops.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4d4cb76636134bf9a0c9c3432dae936f99954586" }, { "digest": { "length": 2083.0, "function_hash": "113149152516871711879121551661256965881" }, "id": "CVE-2022-49739-c270d62c", "signature_version": "v1", "deprecated": false, "signature_type": "Function", "target": { "function": "gfs2_dinode_in", "file": 
"fs/gfs2/glops.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7c414f6f06e9a3934901b6edc3177ae5a1e07094" }, { "digest": { "line_hashes": [ "249122232144619588775345555719924829748", "124731376586809029293348923232960229243", "217995189387011881420605209223720976260", "152222110946698530549791288997723827958", "96092304969312085299519192859323721180" ], "threshold": 0.9 }, "id": "CVE-2022-49739-c9edf571", "signature_version": "v1", "deprecated": false, "signature_type": "Line", "target": { "file": "fs/gfs2/bmap.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@45df749f827c286adbc951f2a4865b67f0442ba9" }, { "digest": { "line_hashes": [ "249122232144619588775345555719924829748", "124731376586809029293348923232960229243", "217995189387011881420605209223720976260", "152222110946698530549791288997723827958", "96092304969312085299519192859323721180" ], "threshold": 0.9 }, "id": "CVE-2022-49739-d12280a5", "signature_version": "v1", "deprecated": false, "signature_type": "Line", "target": { "file": "fs/gfs2/bmap.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4d4cb76636134bf9a0c9c3432dae936f99954586" }, { "digest": { "line_hashes": [ "221053181202543078825082852061331226869", "134283612357477100253748447041537845019", "100508699619809290568985700004145234213", "152222110946698530549791288997723827958", "146094350008227931336454550798693143749" ], "threshold": 0.9 }, "id": "CVE-2022-49739-dd917cb7", "signature_version": "v1", "deprecated": false, "signature_type": "Line", "target": { "file": "fs/gfs2/aops.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d458a0984429c2d47e60254f5bc4119cbafe83a2" }, { "digest": { "line_hashes": [ "249122232144619588775345555719924829748", "124731376586809029293348923232960229243", "217995189387011881420605209223720976260", "152222110946698530549791288997723827958", "96092304969312085299519192859323721180" ], 
"threshold": 0.9 }, "id": "CVE-2022-49739-de80475f", "signature_version": "v1", "deprecated": false, "signature_type": "Line", "target": { "file": "fs/gfs2/bmap.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@70376c7ff31221f1d21db5611d8209e677781d3a" }, { "digest": { "length": 2008.0, "function_hash": "172995463689269966612956230528579770987" }, "id": "CVE-2022-49739-e3a8aa9f", "signature_version": "v1", "deprecated": false, "signature_type": "Function", "target": { "function": "gfs2_dinode_in", "file": "fs/gfs2/glops.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@70376c7ff31221f1d21db5611d8209e677781d3a" }, { "digest": { "length": 794.0, "function_hash": "23223242489000556993371975453157272998" }, "id": "CVE-2022-49739-e5633fbe", "signature_version": "v1", "deprecated": false, "signature_type": "Function", "target": { "function": "gfs2_unstuffer_page", "file": "fs/gfs2/bmap.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d458a0984429c2d47e60254f5bc4119cbafe83a2" }, { "digest": { "length": 794.0, "function_hash": "23223242489000556993371975453157272998" }, "id": "CVE-2022-49739-efcfb3c5", "signature_version": "v1", "deprecated": false, "signature_type": "Function", "target": { "function": "gfs2_unstuffer_page", "file": "fs/gfs2/bmap.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@46c9088cabd4d0469fdb61ac2a9c5003057fe94d" }, { "digest": { "line_hashes": [ "249122232144619588775345555719924829748", "124731376586809029293348923232960229243", "217995189387011881420605209223720976260", "152222110946698530549791288997723827958", "96092304969312085299519192859323721180" ], "threshold": 0.9 }, "id": "CVE-2022-49739-f048a99b", "signature_version": "v1", "deprecated": false, "signature_type": "Line", "target": { "file": "fs/gfs2/bmap.c" }, "source": 
"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d458a0984429c2d47e60254f5bc4119cbafe83a2" }, { "digest": { "length": 996.0, "function_hash": "305261699260289221873767917929654890363" }, "id": "CVE-2022-49739-faba9707", "signature_version": "v1", "deprecated": false, "signature_type": "Function", "target": { "function": "gfs2_unstuffer_page", "file": "fs/gfs2/bmap.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@45df749f827c286adbc951f2a4865b67f0442ba9" } ] }