CVE-2022-50845
Published: Dec 30, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: ext4: fix inode leak in ext4_xattr_inode_create() on an error path There is issue as follows when do setxattr with inject fault: [localhost]# fsck.ext4 -fn /dev/sda e2fsck 1.46.6-rc1 (12-Sep-2022) Pass 1: Checking inodes, blocks, and sizes Pass 2: Checking directory structure Pass 3: Checking directory connectivity Pass 4: Checking reference counts Unattached zero-length inode 15. Clear? no Unattached inode 15 Connect to /lost+found? no Pass 5: Checking group summary information /dev/sda: ********** WARNING: Filesystem still has errors ********** /dev/sda: 15/655360 files (0.0% non-contiguous), 66755/2621440 blocks This occurs in 'ext4_xattr_inode_create()'. If 'ext4_mark_inode_dirty()' fails, dropping i_nlink of the inode is needed. Or will lead to inode leak.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected bd3b963b273e247e13979f98812a6e4979b5c1e4 - < 0f709e08caffb41bbc9b38b9a4c1bd0769794007affected bd3b963b273e247e13979f98812a6e4979b5c1e4 - < eab94a46560f68d4bcd15222701ced479f84f427affected bd3b963b273e247e13979f98812a6e4979b5c1e4 - < 9ef603086c5b796fde1c7f22a17d0fc826ba54cbaffected bd3b963b273e247e13979f98812a6e4979b5c1e4 - < 9882601ee689975c1c0076ee65bf222a2a35e535affected bd3b963b273e247e13979f98812a6e4979b5c1e4 - < 322cf639b0b7f137543072c55545adab782b3a25+3 more versions |
Linux | Linux | affected 4.13unaffected 0 - < 4.13unaffected 4.14.303 - <= 4.14.*unaffected 4.19.270 - <= 4.19.*unaffected 5.4.229 - <= 5.4.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now