Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: jbd2: fix potential buffer head reference count leak As in 'jbd2_fc_wait_bufs' if buffer isn't uptodate, will return -EIO without update 'journal->j_fc_off'. But 'jbd2_fc_release_bufs' will release buffer head from ‘j_fc_off - 1’ if 'bh' is NULL will terminal release which will lead to buffer head buffer head reference count leak. To solve above issue, update 'journal->j_fc_off' before return -EIO.
References
- https://git.kernel.org/stable/c/68ed9c76b2affd47177b92495446abb7262d0ef7
- https://git.kernel.org/stable/c/7a33dde572fceb45d02d188e0213c47059401c93
- https://git.kernel.org/stable/c/9b073d73725366d886b711b74e058c02f51e7a0e
- https://git.kernel.org/stable/c/e0d5fc7a6d80ac2406c7dfc6bb625201d0250a8a
- https://git.kernel.org/stable/c/e7385c868ee038d6a0cb0e85c22d2741e7910fd5
FAQ
What is CVE-2022-50839?
CVE-2022-50839 is a documented vulnerability. In the Linux kernel, the following vulnerability has been resolved: jbd2: fix potential buffer head reference count leak As in 'jbd2_fc_wait_bufs' if buffer isn't uptodate, will return -EIO without ...
How severe is CVE-2022-50839?
CVSS scoring is not yet available for CVE-2022-50839. Check NVD for updates.
Is there a patch for CVE-2022-50839?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.