CVE-2022-50313
Published: Sep 15, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: erofs: fix order >= MAX_ORDER warning due to crafted negative i_size As syzbot reported [1], the root cause is that i_size field is a signed type, and negative i_size is also less than EROFS_BLKSIZ. As a consequence, it's handled as fast symlink unexpectedly. Let's fall back to the generic path to deal with such unusual i_size. [1] https://lore.kernel.org/r/[email protected]
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 431339ba90423a038914c6032bfd71f0ba7ef2f2 - < 17a0cdbd7b0cf0fc0d7ca4187a67f8f1c18c291faffected 431339ba90423a038914c6032bfd71f0ba7ef2f2 - < 0ab621fcdff1a58ff4de51a8590fa92a0ecd34beaffected 431339ba90423a038914c6032bfd71f0ba7ef2f2 - < acc2f40b980c61a9178b72cdedd150b829064997affected 431339ba90423a038914c6032bfd71f0ba7ef2f2 - < b6c8330f5b0f22149957a2e4977fd0f01a9db7cdaffected 431339ba90423a038914c6032bfd71f0ba7ef2f2 - < 6235fb899b25fd287d5e42635ff82196395708cc+1 more versions |
Linux | Linux | affected 4.19unaffected 0 - < 4.19unaffected 5.4.289 - <= 5.4.*unaffected 5.10.233 - <= 5.10.*unaffected 5.15.82 - <= 5.15.*+3 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now