Linux Kernel Fuse Inode Vulnerability Affecting Data Management
CVE-2022-50217

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
18 June 2025

What is CVE-2022-50217?

A vulnerability in the Linux kernel's Fuse subsystem allows for a race condition between write and close operations. This issue can result in pages being marked as dirtied after the fuse_flush operation and before the write_inode_now function completes, risking the loss of data integrity if these pages remain unflushed during file release. Proper handling of dirty pages is essential to prevent operational failures in file management.

Affected Version(s)

Linux 36ea23374d1f7b6a9d96a2b61d38830fdf23e45d < 5ccb0420b7c9334ab8122037847101931b899301

Linux 36ea23374d1f7b6a9d96a2b61d38830fdf23e45d < 4bd9d5d20f344d015422969302d12653c903c271

Linux 36ea23374d1f7b6a9d96a2b61d38830fdf23e45d < 035ff33cf4db101250fb980a3941bf078f37a544

References

https://git.kernel.org/stable/c/5ccb0420b7c9334ab81220378...
https://git.kernel.org/stable/c/4bd9d5d20f344d01542296930...
https://git.kernel.org/stable/c/035ff33cf4db101250fb980a3...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2022-50217 : Linux Kernel Fuse Inode Vulnerability Affecting Data Management