{"id":"CVE-2022-2978","details":"A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.","modified":"2026-03-14T11:43:58.751689Z","published":"2022-08-24T16:15:12.010Z","related":["SUSE-SU-2022:3897-1","SUSE-SU-2022:3929-1","SUSE-SU-2022:3998-1","SUSE-SU-2022:4053-1","SUSE-SU-2022:4072-1","SUSE-SU-2022:4589-1","SUSE-SU-2022:4614-1","SUSE-SU-2022:4617-1","SUSE-SU-2025:03613-1","SUSE-SU-2025:03615-1","SUSE-SU-2025:03626-1","SUSE-SU-2025:03628-1","SUSE-SU-2025:3716-1","SUSE-SU-2025:3761-1"],"references":[{"type":"WEB","url":"https://lore.kernel.org/linux-fsdevel/20220816040859.659129-1-dzm91%40hust.edu.cn/T/#u"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"2.6.12"},{"fixed":"4.9.331"}]},{"events":[{"introduced":"4.10"},{"fixed":"4.14.296"}]},{"events":[{"introduced":"4.15"},{"fixed":"4.19.262"}]},{"events":[{"introduced":"4.20"},{"fixed":"5.4.218"}]},{"events":[{"introduced":"5.5"},{"fixed":"5.10.148"}]},{"events":[{"introduced":"5.11"},{"fixed":"5.15.73"}]},{"events":[{"introduced":"5.16"},{"fixed":"5.19.15"}]},{"events":[{"introduced":"6.0"},{"fixed":"6.0.1"}]},{"events":[{"introduced":"0"},{"last_affected":"10.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-2978.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}