User After Free/General Protection Fault in Linux Kernel Affecting Various Systems
CVE-2022-50367

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
17 September 2025

What is CVE-2022-50367?

In the Linux kernel, an issue in inode management can cause crashes due to uninitialized pointers. This occurs when security_inode_alloc fails in alloc_inode, leading to improper handling of inode->i_private. The flaw triggers nilfs_mdt_destroy on an uninitialized inode, potentially resulting in system instability. A fix has been implemented to ensure security_inode_alloc is executed in a manner that prevents this condition.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

References

https://git.kernel.org/stable/c/d1ff475d7c83289d0a7faef34...
https://git.kernel.org/stable/c/c0aa76b0f17f59dd9c9d34635...
https://git.kernel.org/stable/c/ec2aab115eb38ac4992ea2fcc...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2022-50367 : User After Free/General Protection Fault in Linux Kernel Affecting Various Systems