| { |
| "containers": { |
| "cna": { |
| "providerMetadata": { |
| "orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038" |
| }, |
| "descriptions": [ |
| { |
| "lang": "en", |
| "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: remove WARN_ON in f2fs_is_valid_blkaddr\n\nSyzbot triggers two WARNs in f2fs_is_valid_blkaddr and\n__is_bitmap_valid. For example, in f2fs_is_valid_blkaddr,\nif type is DATA_GENERIC_ENHANCE or DATA_GENERIC_ENHANCE_READ,\nit invokes WARN_ON if blkaddr is not in the right range.\nThe call trace is as follows:\n\n f2fs_get_node_info+0x45f/0x1070\n read_node_page+0x577/0x1190\n __get_node_page.part.0+0x9e/0x10e0\n __get_node_page\n f2fs_get_node_page+0x109/0x180\n do_read_inode\n f2fs_iget+0x2a5/0x58b0\n f2fs_fill_super+0x3b39/0x7ca0\n\nFix these two WARNs by replacing WARN_ON with dump_stack." |
| } |
| ], |
| "affected": [ |
| { |
| "product": "Linux", |
| "vendor": "Linux", |
| "defaultStatus": "unaffected", |
| "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", |
| "programFiles": [ |
| "fs/f2fs/checkpoint.c" |
| ], |
| "versions": [ |
| { |
| "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", |
| "lessThan": "0a7a1fc7e71eecf2e5053a6c312c9f0dcbb9b8fd", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", |
| "lessThan": "32bea51fe4c6e92c00403739f7547c89219bea88", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", |
| "lessThan": "99c09b298e47ebbe345a6da9f268b32a6b0f4582", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", |
| "lessThan": "cd6374af36cc548464d8c47a93fdba7303bb82a4", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", |
| "lessThan": "8c62c5e26345c34d199b4b8c8e69255ba3d0e751", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", |
| "lessThan": "dc2f78e2d4cc844a1458653d57ce1b54d4a29f21", |
| "status": "affected", |
| "versionType": "git" |
| } |
| ] |
| }, |
| { |
| "product": "Linux", |
| "vendor": "Linux", |
| "defaultStatus": "affected", |
| "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", |
| "programFiles": [ |
| "fs/f2fs/checkpoint.c" |
| ], |
| "versions": [ |
| { |
| "version": "5.4.198", |
| "lessThanOrEqual": "5.4.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.10.122", |
| "lessThanOrEqual": "5.10.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.15.47", |
| "lessThanOrEqual": "5.15.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.17.15", |
| "lessThanOrEqual": "5.17.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.18.4", |
| "lessThanOrEqual": "5.18.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.19", |
| "lessThanOrEqual": "*", |
| "status": "unaffected", |
| "versionType": "original_commit_for_fix" |
| } |
| ] |
| } |
| ], |
| "cpeApplicability": [ |
| { |
| "nodes": [ |
| { |
| "operator": "OR", |
| "negate": false, |
| "cpeMatch": [ |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionEndExcluding": "5.4.198" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionEndExcluding": "5.10.122" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionEndExcluding": "5.15.47" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionEndExcluding": "5.17.15" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionEndExcluding": "5.18.4" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionEndExcluding": "5.19" |
| } |
| ] |
| } |
| ] |
| } |
| ], |
| "references": [ |
| { |
| "url": "https://git.kernel.org/stable/c/0a7a1fc7e71eecf2e5053a6c312c9f0dcbb9b8fd" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/32bea51fe4c6e92c00403739f7547c89219bea88" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/99c09b298e47ebbe345a6da9f268b32a6b0f4582" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/cd6374af36cc548464d8c47a93fdba7303bb82a4" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/8c62c5e26345c34d199b4b8c8e69255ba3d0e751" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/dc2f78e2d4cc844a1458653d57ce1b54d4a29f21" |
| } |
| ], |
| "title": "f2fs: remove WARN_ON in f2fs_is_valid_blkaddr", |
| "x_generator": { |
| "engine": "bippy-1.2.0" |
| } |
| } |
| }, |
| "cveMetadata": { |
| "assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038", |
| "cveID": "CVE-2022-49318", |
| "requesterUserId": "gregkh@kernel.org", |
| "serial": "1", |
| "state": "PUBLISHED" |
| }, |
| "dataType": "CVE_RECORD", |
| "dataVersion": "5.0" |
| } |
