VYPR
Unrated severityNVD Advisory· Published Feb 26, 2025· Updated May 4, 2025

afs: Fix dynamic root getattr

CVE-2022-49688

Description

In the Linux kernel, the following vulnerability has been resolved:

afs: Fix dynamic root getattr

The recent patch to make afs_getattr consult the server didn't account for the pseudo-inodes employed by the dynamic root-type afs superblock not having a volume or a server to access, and thus an oops occurs if such a directory is stat'd.

Fix this by checking to see if the vnode->volume pointer actually points anywhere before following it in afs_getattr().

This can be tested by stat'ing a directory in /afs. It may be sufficient just to do "ls /afs" and the oops looks something like:

BUG: kernel NULL pointer dereference, address: 0000000000000020 ... RIP: 0010:afs_getattr+0x8b/0x14b ... Call Trace:

vfs_statx+0x79/0xf5 vfs_fstatat+0x49/0x62

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

85

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.