SB2025091740 - Resource management error in Linux kernel ext4

Description

This security bulletin contains information about 1 security vulnerability.

1) Resource management error (CVE-ID: CVE-2022-50346)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the ext4_rename() function in fs/ext4/namei.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

• https://git.kernel.org/stable/c/13271fbbe85d73a7c47058f56a52f2a7f00d6e39
• https://git.kernel.org/stable/c/135ba9146f4d38abed48a540ef8a8770ff0bd34f
• https://git.kernel.org/stable/c/33fd7031d634f3b46e59f61adfbb0ea9fe514fef
• https://git.kernel.org/stable/c/67f6d5a4043f3db0c6bb0e14a0d97a7be8bfb8b5
• https://git.kernel.org/stable/c/7dfb8259f66faafa68d23a261b284d2c2c67649b
• https://git.kernel.org/stable/c/84a2f2ed49d6a4d92b354219077434c57d334620
• https://git.kernel.org/stable/c/def7a39091e60e1c4a2f623629082a00092602be
• https://git.kernel.org/stable/c/f263e349bacc2f303526dcfa61c4bc50132418b1
• https://git.kernel.org/stable/c/fae381a3d79bb94aa2eb752170d47458d778b797
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.303
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.270
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.337
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.163
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.87
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.229
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.0.18
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.4
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2