{"id":"CVE-2022-49361","summary":"f2fs: fix to do sanity check for inline inode","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to do sanity check for inline inode\n\nYanming reported a kernel bug in Bugzilla kernel [1], which can be\nreproduced. The bug message is:\n\nThe kernel message is shown below:\n\nkernel BUG at fs/inode.c:611!\nCall Trace:\n evict+0x282/0x4e0\n __dentry_kill+0x2b2/0x4d0\n dput+0x2dd/0x720\n do_renameat2+0x596/0x970\n __x64_sys_rename+0x78/0x90\n do_syscall_64+0x3b/0x90\n\n[1] https://bugzilla.kernel.org/show_bug.cgi?id=215895\n\nThe bug is due to fuzzed inode has both inline_data and encrypted flags.\nDuring f2fs_evict_inode(), as the inode was deleted by rename(), it\nwill cause inline data conversion due to conflicting flags. The page\ncache will be polluted and the panic will be triggered in clear_inode().\n\nTry fixing the bug by doing more sanity checks for inline data inode in\nsanity_check_inode().","modified":"2026-04-02T08:27:31.211123Z","published":"2025-02-26T02:11:08.881Z","database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49361.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/11c1cd032df85df3c096a57a7f27d57819956e4a"},{"type":"WEB","url":"https://git.kernel.org/stable/c/198fd9faa271dd54dca6fc8eb6873f42dfd3b4d8"},{"type":"WEB","url":"https://git.kernel.org/stable/c/677a82b44ebf263d4f9a0cfbd576a6ade797a07b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/7cfe2d43becaf76e562b9617d2c2d9b445f86761"},{"type":"WEB","url":"https://git.kernel.org/stable/c/efdefbe8b7564602ab446474788225a1f2a323b5"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49361.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-49361"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"98e4da8ca301e062d79ae168c67e56f3c3de3ce4"},{"fixed":"efdefbe8b7564602ab446474788225a1f2a323b5"},{"fixed":"7cfe2d43becaf76e562b9617d2c2d9b445f86761"},{"fixed":"11c1cd032df85df3c096a57a7f27d57819956e4a"},{"fixed":"198fd9faa271dd54dca6fc8eb6873f42dfd3b4d8"},{"fixed":"677a82b44ebf263d4f9a0cfbd576a6ade797a07b"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49361.json"}}],"schema_version":"1.7.5"}