CVE-2022-50668
- Source
- https://cve.org/CVERecord?id=CVE-2022-50668
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-50668.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-50668
- Downstream
- Related
- Published
- 2025-12-09T01:29:19.526Z
- Modified
- 2026-03-20T11:47:34.614964Z
- Summary
- ext4: fix deadlock due to mbcache entry corruption
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
ext4: fix deadlock due to mbcache entry corruption
When manipulating xattr blocks, we can deadlock infinitely looping inside ext4xattrblockset() where we constantly keep finding xattr block for reuse in mbcache but we are unable to reuse it because its reference count is too big. This happens because cache entry for the xattr block is marked as reusable (ereusable set) although its reference count is too big. When this inconsistency happens, this inconsistent state is kept indefinitely and so ext4xattrblock_set() keeps retrying indefinitely.
The inconsistent state is caused by non-atomic update of ereusable bit. ereusable is part of a bitfield and ereusable update can race with update of ereferenced bit in the same bitfield resulting in loss of one of the updates. Fix the problem by using atomic bitops instead.
This bug has been around for many years, but it became much easier to hit after commit 65f8b80053a1 ("ext4: fix race when reusing xattr blocks").
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50668.json" }- References
-
- https://git.kernel.org/stable/c/127b80cefb941a81255c72f11081123f3a705369
- https://git.kernel.org/stable/c/1be16a0c2f10186df505e28b0cc92d7f3366e2a8
- https://git.kernel.org/stable/c/5bc0b2fda4b47c86278f7c6d30c211f425bf51cf
- https://git.kernel.org/stable/c/a44e84a9b7764c72896f7241a0ec9ac7e7ef38dd
- https://git.kernel.org/stable/c/af53065276376750dfac35a7248af18806404c5d
- https://git.kernel.org/stable/c/cc1538c693d25e282bed8c54b65c914a04023a78
- https://git.kernel.org/stable/c/efaa0ca678f56d47316a08030b2515678cebbc50
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50668.json
- https://nvd.nist.gov/vuln/detail/CVE-2022-50668
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced6048c64b26097a0ffbd966866b599f990e674e9bFixedefaa0ca678f56d47316a08030b2515678cebbc50Fixedaf53065276376750dfac35a7248af18806404c5dFixed1be16a0c2f10186df505e28b0cc92d7f3366e2a8Fixed5bc0b2fda4b47c86278f7c6d30c211f425bf51cfFixed127b80cefb941a81255c72f11081123f3a705369Fixedcc1538c693d25e282bed8c54b65c914a04023a78Fixeda44e84a9b7764c72896f7241a0ec9ac7e7ef38dd
Linux / Kernel
Package
- Name
- Kernel
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced4.6.0Fixed4.19.270
- Type
- ECOSYSTEM
- Events
-
Introduced4.20.0Fixed5.4.229
- Type
- ECOSYSTEM
- Events
-
Introduced5.5.0Fixed5.10.163
- Type
- ECOSYSTEM
- Events
-
Introduced5.11.0Fixed5.15.87
- Type
- ECOSYSTEM
- Events
-
Introduced5.16.0Fixed6.0.18
- Type
- ECOSYSTEM
- Events
-
Introduced6.1.0Fixed6.1.4