---

CVE-2022-2978 - log back

CVE-2022-2978 created at 28 Feb 2023 19:46:25
Severity	+ Unknown
Remote	+ Unknown
Type	+ Unknown
Description	+ In alloc_inode, inode_init_always() could return -ENOMEM if security_inode_alloc() fails, which causes inode->i_private uninitialized. Then nilfs_is_metadata_file_inode() returns true and nilfs_free_inode() wrongly calls nilfs_mdt_destroy(), which frees the uninitialized inode->i_private and leads to crashes(e.g., UAF/GPF)
References	+ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2e488f13755ffbb60f307e991b27024716a33b29 + https://lore.kernel.org/linux-fsdevel/20220816040859.659129-1-dzm91@hust.edu.cn/T/#u + https://kernel.dance/#CVE-2022-2978
Notes