CVE-2022-50056

MEDIUM

Linux Kernel 5.15-5.15.62, 5.16-5.19.3 - NULL Pointer Dereference in NTFS3 MFT Reader

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix missing i_op in ntfs_read_mft There is null pointer dereference because i_op == NULL. The bug happens because we don't initialize i_op for records in $Extend.

References (3)

Core 3

Scores

CVSS v3 5.5
EPSS 0.0015
EPSS Percentile 4.9%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-476
Status published
Products (12)
linux/Kernel 5.15.0 - 5.15.63linux
linux/Kernel 5.16.0 - 5.19.4linux
Linux/Linux < 5.15
Linux/Linux 5.15
Linux/Linux 5.15.63 - 5.15.*
Linux/Linux 5.19.4 - 5.19.*
Linux/Linux 6.0
Linux/Linux 82cae269cfa953032fbb8980a7d554d60fb00b17 - 37a530bfe56ca9a0d3129598803f2794c7428aae
Linux/Linux 82cae269cfa953032fbb8980a7d554d60fb00b17 - 8089a1bc27b41e6800590a92d17c119e9aa8ff53
Linux/Linux 82cae269cfa953032fbb8980a7d554d60fb00b17 - c293e8abc09e6e1faa50d967bd8862b1cbd575e5
... and 2 more
Published Jun 18, 2025
Tracked Since Feb 18, 2026