#VU104750 Improper error handling in Linux kernel - CVE-2022-49380
Published: February 26, 2025 / Updated: May 11, 2025
Vulnerability identifier: #VU104750
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2022-49380
CWE-ID: CWE-388
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the fs/f2fs/f2fs.h. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
External links
- https://git.kernel.org/stable/c/2766ddaf45b69252bb8fe526b5b6e56904a9ae7a
- https://git.kernel.org/stable/c/4d17e6fe9293d57081ffdc11e1cf313e25e8fd9e
- https://git.kernel.org/stable/c/89d9a48d0cd30429463ea4e37ca83be6773ed5eb
- https://git.kernel.org/stable/c/bce859358d3d5940aa858e40ceee70ee6e76130e
- https://git.kernel.org/stable/c/ccffa99ae6a1f44797b57444c6a80382a42928fe
- https://git.kernel.org/stable/c/f8b3c3fcf33105bc1ee7788e3b51b0a1ae42ae53
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.198