CVE-2022-50436 in Linuxinformazioni

Riassunto

di MITRE • 01/10/2025

In the Linux kernel, the following vulnerability has been resolved:

ext4: don't set up encryption key during jbd2 transaction

Commit a80f7fcf1867 ("ext4: fixup ext4_fc_track_* functions' signature") extended the scope of the transaction in ext4_unlink() too far, making it include the call to ext4_find_entry(). However, ext4_find_entry() can deadlock when called from within a transaction because it may need to set up the directory's encryption key.

Fix this by restoring the transaction to its original scope.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsabile

Linux

Prenotare

17/09/2025

Divulgazione

01/10/2025

Moderazione

accettato

Voce

VDB-326530

CPE

pronto

CWE

CWE-833 (confermato)

CVSS

5.5 (NVD)

EPSS

0.00093

KEV

Attività

molto basso

Settore

Insurance, Education, ...

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2022-50436
NVD	https://nvd.nist.gov/vuln/detail/CVE-2022-50436
CVE Details	https://www.cvedetails.com/cve/CVE-2022-50436/

◂ Precedente Visione D'ensemble Il prossimo ▸

Do you know our Splunk app?

Download it now for free!