github - ghsa-8fxj-p2h6-vh9g

ghsa-8fxj-p2h6-vh9g

Vulnerability from github

Published

2025-12-30 15:30

Modified

2025-12-30 15:30

Details

In the Linux kernel, the following vulnerability has been resolved:

erofs: fix missing unmap if z_erofs_get_extent_compressedlen() fails

Otherwise, meta buffers could be leaked.

Show details on source website

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-50811"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-12-30T13:15:55Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nerofs: fix missing unmap if z_erofs_get_extent_compressedlen() fails\n\nOtherwise, meta buffers could be leaked.",
  "id": "GHSA-8fxj-p2h6-vh9g",
  "modified": "2025-12-30T15:30:26Z",
  "published": "2025-12-30T15:30:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50811"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/091a8ca572a2e48554427feda78aa503e98c1028"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/373b6f350aecf5dca2e7474f0b4ec8cca659f2f0"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d5d188b8f8b38d3d71dd05993874b4fc9284ce95"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CVE-2022-50811 (GCVE-0-2022-50811)

Vulnerability from cvelistv5

Published

2025-12-30 12:08

Modified

2025-12-30 12:08

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: erofs: fix missing unmap if z_erofs_get_extent_compressedlen() fails Otherwise, meta buffers could be leaked.

References

URL

Tags

	https://git.kernel.org/stable/c/091a8ca572a2e48554427feda78aa503e98c1028
	https://git.kernel.org/stable/c/373b6f350aecf5dca2e7474f0b4ec8cca659f2f0
	https://git.kernel.org/stable/c/d5d188b8f8b38d3d71dd05993874b4fc9284ce95

Impacted products

Vendor

Product

Version

Version: cec6e93beadfd145758af2c0854fcc2abb8170cb
Version: cec6e93beadfd145758af2c0854fcc2abb8170cb
Version: cec6e93beadfd145758af2c0854fcc2abb8170cb

Version: 5.13

Show details on NVD website

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/erofs/zmap.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "091a8ca572a2e48554427feda78aa503e98c1028",
              "status": "affected",
              "version": "cec6e93beadfd145758af2c0854fcc2abb8170cb",
              "versionType": "git"
            },
            {
              "lessThan": "373b6f350aecf5dca2e7474f0b4ec8cca659f2f0",
              "status": "affected",
              "version": "cec6e93beadfd145758af2c0854fcc2abb8170cb",
              "versionType": "git"
            },
            {
              "lessThan": "d5d188b8f8b38d3d71dd05993874b4fc9284ce95",
              "status": "affected",
              "version": "cec6e93beadfd145758af2c0854fcc2abb8170cb",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/erofs/zmap.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.13"
            },
            {
              "lessThan": "5.13",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.0.*",
              "status": "unaffected",
              "version": "6.0.16",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.2",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.0.16",
                  "versionStartIncluding": "5.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.2",
                  "versionStartIncluding": "5.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.2",
                  "versionStartIncluding": "5.13",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nerofs: fix missing unmap if z_erofs_get_extent_compressedlen() fails\n\nOtherwise, meta buffers could be leaked."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-30T12:08:28.719Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/091a8ca572a2e48554427feda78aa503e98c1028"
        },
        {
          "url": "https://git.kernel.org/stable/c/373b6f350aecf5dca2e7474f0b4ec8cca659f2f0"
        },
        {
          "url": "https://git.kernel.org/stable/c/d5d188b8f8b38d3d71dd05993874b4fc9284ce95"
        }
      ],
      "title": "erofs: fix missing unmap if z_erofs_get_extent_compressedlen() fails",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2022-50811",
    "datePublished": "2025-12-30T12:08:28.719Z",
    "dateReserved": "2025-12-30T12:06:07.130Z",
    "dateUpdated": "2025-12-30T12:08:28.719Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.