DEBIAN-CVE-2022-50730

See a problem?
Please try reporting it to the source first.
Source
https://security-tracker.debian.org/tracker/CVE-2022-50730
Import Source
https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2022-50730.json
JSON Data
https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2022-50730
Upstream
Published
2025-12-24T13:15:59.667Z
Modified
2025-12-25T11:16:13.737567Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved: ext4: silence the warning when evicting inode with dioreadnolock When evicting an inode with default dioreadnolock, it could be raced by the unwritten extents converting kworker after writeback some new allocated dirty blocks. It convert unwritten extents to written, the extents could be merged to upper level and free extent blocks, so it could mark the inode dirty again even this inode has been marked IFREEING. But the inode->iiolist check and warning in ext4evictinode() missing this corner case. Fortunately, ext4evictinode() will wait all extents converting finished before this check, so it will not lead to inode use-after-free problem, every thing is OK besides this warning. The WARNONONCE was originally designed for finding inode use-after-free issues in advance, but if we add current dioreadnolock case in, it will become not quite useful, so fix this warning by just remove this check. ====== WARNING: CPU: 7 PID: 1092 at fs/ext4/inode.c:227 ext4evictinode+0x875/0xc60 ... RIP: 0010:ext4evictinode+0x875/0xc60 ... Call Trace: <TASK> evict+0x11c/0x2b0 iput+0x236/0x3a0 dounlinkat+0x1b4/0x490 _x64sysunlinkat+0x4c/0xb0 dosyscall64+0x3b/0x90 entrySYSCALL64afterhwframe+0x46/0xb0 RIP: 0033:0x7fa933c1115b ====== rm kworker ext4endioend() vfsunlink() ext4unlink() ext4convertunwrittenioendvec() ext4convertunwrittenextents() ext4mapblocks() ext4extmapblocks() ext4exttrytomergeup() _markinodedirty() check !IFREEING lockedinodetowbandlocklist() iput() iputfinal() evict() ext4evictinode() truncateinodepagesfinal() //wait release ioend inodeiolistmovelocked() ext4releaseioend() trigger WARNON_ONCE()

References

Affected packages

Debian:11 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.10.178-1

Affected versions

5.*

5.10.46-4
5.10.46-5
5.10.70-1~bpo10+1
5.10.70-1
5.10.84-1
5.10.92-1~bpo10+1
5.10.92-1
5.10.92-2
5.10.103-1~bpo10+1
5.10.103-1
5.10.106-1
5.10.113-1
5.10.120-1~bpo10+1
5.10.120-1
5.10.127-1
5.10.127-2~bpo10+1
5.10.127-2
5.10.136-1
5.10.140-1
5.10.148-1
5.10.149-1
5.10.149-2
5.10.158-1
5.10.158-2
5.10.162-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2022-50730.json"

Debian:12 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.1.4-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2022-50730.json"

Debian:13 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.1.4-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2022-50730.json"

Debian:14 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.1.4-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2022-50730.json"