Null Pointer Dereference in Linux Kernel Ext4 Filesystem
CVE-2022-50344

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 16 September 2025

What is CVE-2022-50344?

A null pointer dereference vulnerability exists in the Linux kernel's ext4 filesystem. This issue can occur during the filesystem sync operation, particularly when managing quota writebacks. A NULL pointer is set incorrectly during the cleanup process, potentially leading to system instability or crashes. The vulnerability has been addressed by modifying the way the ext4 subsystem manages journal starts, ensuring that this pointer dereference does not occur. Users running susceptible versions of the kernel are advised to update to versions that incorporate the fix to maintain system integrity.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 947264e00c46de19a016fd81218118c708fed2f3

References

https://git.kernel.org/stable/c/dc451578446afd03c0c219139...

https://git.kernel.org/stable/c/f4b5ff0b794aa94afac7269c4...

https://git.kernel.org/stable/c/947264e00c46de19a016fd812...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 16, 2025
Vulnerability Reserved
Sep 16, 2025