SB2025100543 - Input validation error in Linux kernel ext4
Published: October 5, 2025 Updated: October 27, 2025
Security Bulletin ID
SB2025100543
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Input validation error (CVE-ID: CVE-2022-50485)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the swap_inode_boot_loader() function in fs/ext4/ioctl.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/2142dfa1de61e25b83198af0308ec7689cca25d3
- https://git.kernel.org/stable/c/488a5c2bf7543c3cd3f07a025f2e62be91599430
- https://git.kernel.org/stable/c/63b1e9bccb71fe7d7e3ddc9877dbdc85e5d2d023
- https://git.kernel.org/stable/c/c0a738875c2e9c8c3366d792f8bf7fe508d5e5a5
- https://git.kernel.org/stable/c/f725b290ed79ad61e4f721fee95a287892d8b1ad
- https://git.kernel.org/stable/c/f7e6b5548f915d7aa435d0764d41eacfb49c6e09
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.87