Unrated severityNVD Advisory· Published Sep 15, 2025

btrfs: fix extent map use-after-free when handling missing device in read_one_chunk

CVE-2022-50300

Description

In the Linux kernel, the following vulnerability has been resolved:

Store the error code before freeing the extent_map. Though it's reference counted structure, in that function it's the first and last allocation so this would lead to a potential use-after-free.

The error can happen eg. when chunk is stored on a missing device and the degraded mount option is missing.

Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=216721

Affected products

Linux/Kernelllm-fuzzy
Linux/Linuxv5
Range: 4.15

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

git.kernel.org/stable/c/169a4cf46882974d4db6d85eb623ec898e51bbc0mitre
git.kernel.org/stable/c/1742e1c90c3da344f3bb9b1f1309b3f47482756amitre
git.kernel.org/stable/c/b8e7ed42bc3ca0d0e4191ee394d34962d3624c22mitre
git.kernel.org/stable/c/fce3713197ebba239e1c7e02174ed216ea1ee014mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000