vfs_statx+0x79/0xf5 vfs_fstatat+0x49/0x62"> vfs_statx+0x79/0xf5 vfs_fstatat+0x49/0x62"> vfs_statx+0x79/0xf5 vfs_fstatat+0x49/0x62">

CVE-2022-49688

Published at:
2025-02-26T07:01:43.617
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Global infos:

In the Linux kernel, the following vulnerability has been resolved: afs: Fix dynamic root getattr The recent patch to make afs_getattr consult the server didn't account for the pseudo-inodes employed by the dynamic root-type afs superblock not having a volume or a server to access, and thus an oops occurs if such a directory is stat'd. Fix this by checking to see if the vnode->volume pointer actually points anywhere before following it in afs_getattr(). This can be tested by stat'ing a directory in /afs. It may be sufficient just to do "ls /afs" and the oops looks something like: BUG: kernel NULL pointer dereference, address: 0000000000000020 ... RIP: 0010:afs_getattr+0x8b/0x14b ... Call Trace: vfs_statx+0x79/0xf5 vfs_fstatat+0x49/0x62

CVE Status: Awaiting Analysis

References:

  • 416baaa9-dc9f-4396-8d5f-8c081fb06d67
  • 416baaa9-dc9f-4396-8d5f-8c081fb06d67
  • 416baaa9-dc9f-4396-8d5f-8c081fb06d67
  • 416baaa9-dc9f-4396-8d5f-8c081fb06d67
  • 416baaa9-dc9f-4396-8d5f-8c081fb06d67
  • 416baaa9-dc9f-4396-8d5f-8c081fb06d67
    •

    Metrics:

    No CVSS data available

    Links:

    Exploit-db
    Github

    Most recherched CVEs
    Popular Keywords