CVE-2022-50333

HIGH

Linux Kernel < 4.9.337 - Out-of-Bounds Read

Title source: rule

Description

In the Linux kernel, the following vulnerability has been resolved: fs: jfs: fix shift-out-of-bounds in dbDiscardAG This should be applied to most URSAN bugs found recently by syzbot, by guarding the dbMount. As syzbot feeding rubbish into the bmap descriptor.

References (9)

Core 9

Core References

Patch

https://git.kernel.org/stable/c/0183c8f46ab5bcd0740f41c87f5141c6ca2bf1bb

Patch

https://git.kernel.org/stable/c/10b87da8fae79c7daf5eda6a9e4f1d31b85b4d92

Patch

https://git.kernel.org/stable/c/25e70c6162f207828dd405b432d8f2a98dbf7082

Patch

https://git.kernel.org/stable/c/3d340b684dcec5e34efc470227cd1c7d2df121ad

Patch

https://git.kernel.org/stable/c/50163a115831ef4e6402db5a7ef487d1989d7249

Patch

https://git.kernel.org/stable/c/624843f1bac448150f6859999c72c4841c14a2e3

Patch

https://git.kernel.org/stable/c/911999b193735cd378517b6cd5fe585ee345d49c

Patch

https://git.kernel.org/stable/c/ab5cd3d62c2493eca3337e7d0178cc7bd819ca64

Patch

https://git.kernel.org/stable/c/f8d4d0bac603616e2fa4a3907e81ed13f8f3c380

Scores

CVSS v3 7.1

EPSS 0.0001

EPSS Percentile 2.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Details

CWE

CWE-125

Status published

Products (9)

linux/Kernel 3.7.0 - 4.9.337linux

linux/Kernel 4.10.0 - 4.14.303linux

linux/Kernel 4.15.0 - 4.19.270linux

linux/Kernel 4.20.0 - 5.4.229linux

linux/Kernel 5.11.0 - 5.15.86linux

linux/Kernel 5.16.0 - 6.0.16linux

linux/Kernel 5.5.0 - 5.10.163linux

linux/Kernel 6.1.0 - 6.1.2linux

linux/linux_kernel < 4.9.337

Published Sep 15, 2025

Tracked Since Feb 18, 2026