CVE-2022-49833

  1. Yack CVE
  2. Vulnerabilities (CVE)
  3. CVE-2022-49833

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

I

n the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: clone zoned device info when cloning a device When cloning a btrfs_device, we're not cloning the associated btrfs_zoned_device_info structure of the device in case of a zoned filesystem. Later on this leads to a NULL pointer dereference when accessing the device's zone_info for instance when setting a zone as active. This was uncovered by fstests' testcase btrfs/161.

References
Link Resource
https://git.kernel.org/stable/c/21e61ec6d0bb786818490e926aa9aeb4de95ad0d Patch
https://git.kernel.org/stable/c/ad88cabcec942c033f980cd1e28d56ecdaf5f3b8 Patch
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*
History

10 Nov 2025, 21:13

Type Values Removed Values Added
First Time Linux linux Kernel
Linux
CWE CWE-476
CPE cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*
References () https://git.kernel.org/stable/c/21e61ec6d0bb786818490e926aa9aeb4de95ad0d - () https://git.kernel.org/stable/c/21e61ec6d0bb786818490e926aa9aeb4de95ad0d - Patch
References () https://git.kernel.org/stable/c/ad88cabcec942c033f980cd1e28d56ecdaf5f3b8 - () https://git.kernel.org/stable/c/ad88cabcec942c033f980cd1e28d56ecdaf5f3b8 - Patch
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.5

02 May 2025, 13:53

Type Values Removed Values Added
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: btrfs: zoned: clonar información de dispositivo zonificado al clonar un dispositivo. Al clonar un btrfs_device, no se clona la estructura btrfs_zoned_device_info asociada al dispositivo en el caso de un sistema de archivos zonificado. Posteriormente, esto provoca una desreferencia de puntero nulo al acceder a zone_info del dispositivo, por ejemplo, al activar una zona. Esto fue descubierto por el caso de prueba btrfs/161 de fstests.

01 May 2025, 15:16

Type Values Removed Values Added
New CVE
Information

Published : 2025-05-01 15:16

Updated : 2025-11-10 21:13

NVD link : CVE-2022-49833

Mitre link : CVE-2022-49833

CVE.ORG link : CVE-2022-49833

JSON object : View

Products Affected

linux

CWE
CWE-476

NULL Pointer Dereference