CVE-2022-2978 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Unknown
Remote	Unknown
Type	Unknown
Description	In alloc_inode, inode_init_always() could return -ENOMEM if security_inode_alloc() fails, which causes inode->i_private uninitialized. Then nilfs_is_metadata_file_inode() returns true and nilfs_free_inode() wrongly calls nilfs_mdt_destroy(), which frees the uninitialized inode->i_private and leads to crashes(e.g., UAF/GPF)

Group	Package	Affected	Fixed	Severity	Status
AVG-2836	linux-zen	6.0.12-1	6.2-1	High	Unknown
AVG-2835	linux-hardened	6.0.19-1	6.2-1	High	Unknown
AVG-2834	linux-lts	5.15.94-1	6.2-1	High	Unknown
AVG-2837	linux	6.0.12-1	6.2-1	High	Fixed

References
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2e488f13755ffbb60f307e991b27024716a33b29 https://lore.kernel.org/linux-fsdevel/20220816040859.659129-1-dzm91@hust.edu.cn/T/#u https://kernel.dance/#CVE-2022-2978

References

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2e488f13755ffbb60f307e991b27024716a33b29
https://lore.kernel.org/linux-fsdevel/20220816040859.659129-1-dzm91@hust.edu.cn/T/#u
https://kernel.dance/#CVE-2022-2978