CVE-2022-50839

EUVD-2022-55859
In the Linux kernel, the following vulnerability has been resolved:

jbd2: fix potential buffer head reference count leak

As in 'jbd2_fc_wait_bufs' if buffer isn't uptodate, will return -EIO without
update 'journal->j_fc_off'. But 'jbd2_fc_release_bufs' will release buffer head
from ‘j_fc_off - 1’ if 'bh' is NULL will terminal release which will lead to
buffer head buffer head reference count leak.
To solve above issue, update 'journal->j_fc_off' before return -EIO.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
UNKNOWN
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
6.1.148-1
fixed
bookworm (security)
6.1.158-1
fixed
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.247-1
fixed
forky
6.17.13-1
fixed
sid
6.17.13-1
fixed
trixie
6.12.57-1
fixed
trixie (security)
6.12.48-1
fixed
References
https://git.kernel.org/stable/c/68ed9c76b2affd47177b92495446abb7262d0ef7
https://git.kernel.org/stable/c/7a33dde572fceb45d02d188e0213c47059401c93
https://git.kernel.org/stable/c/9b073d73725366d886b711b74e058c02f51e7a0e
https://git.kernel.org/stable/c/e0d5fc7a6d80ac2406c7dfc6bb625201d0250a8a
https://git.kernel.org/stable/c/e7385c868ee038d6a0cb0e85c22d2741e7910fd5