CVE-2022-50746

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-50746
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-50746.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-50746
Downstream
Published
2025-12-24T13:05:42.628Z
Modified
2026-03-20T12:22:37.676007Z
Summary
erofs: validate the extent length for uncompressed pclusters
Details

In the Linux kernel, the following vulnerability has been resolved:

erofs: validate the extent length for uncompressed pclusters

syzkaller reported a KASAN use-after-free: https://syzkaller.appspot.com/bug?extid=2ae90e873e97f1faf6f2

The referenced fuzzed image actually has two issues: - m_pa == 0 as a non-inlined pcluster; - The logical length is longer than its physical length.

The first issue has already been addressed. This patch addresses the second issue by checking the extent length validity.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50746.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
02827e1796b33f1794966f5c3101f8da2dfa9c1d
Fixed
dc8b6bd587b13b85aff6e9d36cdfcd3f955cac9e
Fixed
40c73b2ea9611b5388807be406f30f5e4e1162da
Fixed
c505feba4c0d76084e56ec498ce819f02a7043ae

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-50746.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
4.19.0
Fixed
6.0.16
Type
ECOSYSTEM
Events
Introduced
6.1.0
Fixed
6.1.2

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-50746.json"