CVE-2022-49761

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-49761

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49761.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2022-49761

Related

UBUNTU-CVE-2022-49761

Published

2025-03-27T17:15:41Z

Modified

2025-04-01T16:50:49.170086Z

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

btrfs: always report error in runonedelayed_ref()

Currently we have a btrfsdebug() for runonedelayedref() failure, but if end users hit such problem, there will be no chance that btrfs_debug() is enabled. This can lead to very little useful info for debugging.

This patch will:

Add extra info for error reporting Including:
- logical bytenr
- num_bytes
- type
- action
- ref_mod
Replace the btrfsdebug() with btrfserr()
Move the error reporting into runonedelayed_ref() This is to avoid use-after-free, the @node can be freed in the caller.

This error should only be triggered at most once.

As if runonedelayed_ref() failed, we trigger the error message, then causing the call chain to error out:

btrfsrundelayedrefs() - btrfs_run_delayed_refs()- btrfsrundelayedrefsforhead() `- runonedelayed_ref()

And we will abort the current transaction in btrfsrundelayedrefs(). If we have to run delayed refs for the abort transaction, runonedelayedref() will just cleanup the refs and do nothing, thus no new error messages would be output.

References

Affected packages

Debian:11 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.10.178-1

Affected versions

5.*

5.10.46-4

5.10.46-5

5.10.70-1~bpo10+1

5.10.70-1

5.10.84-1

5.10.92-1~bpo10+1

5.10.92-1

5.10.92-2

5.10.103-1~bpo10+1

5.10.103-1

5.10.106-1

5.10.113-1

5.10.120-1~bpo10+1

5.10.120-1

5.10.127-1

5.10.127-2~bpo10+1

5.10.127-2

5.10.136-1

5.10.140-1

5.10.148-1

5.10.149-1

5.10.149-2

5.10.158-1

5.10.158-2

5.10.162-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.1.8-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.1.8-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}