CVE-2022-50217

In the Linux kernel, the following vulnerability has been resolved: fuse: write inode in fuse_release() A race between write(2) and close(2) allows pages to be dirtied after fuse_flush -> write_inode_now(). If these pages are not flushed from fuse_release(), then there might not be a writable open file later. So any remaining dirty pages must be written back before the file is released. This is a partial revert of the blamed commit.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/035ff33cf4db101250fb980a3941bf078f37a544	Patch
https://git.kernel.org/stable/c/4bd9d5d20f344d015422969302d12653c903c271	Patch
https://git.kernel.org/stable/c/5ccb0420b7c9334ab8122037847101931b899301	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

History

No history.

Information

Published : 2025-06-18 11:15

Updated : 2025-11-19 12:59

NVD link : CVE-2022-50217

Mitre link : CVE-2022-50217

CVE.ORG link : CVE-2022-50217

JSON object : View

Products Affected

linux

linux_kernel

CWE

NVD-CWE-noinfo

{"id": "CVE-2022-50217", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2025-06-18T11:15:52.647", "references": [{"url": "https://git.kernel.org/stable/c/035ff33cf4db101250fb980a3941bf078f37a544", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/4bd9d5d20f344d015422969302d12653c903c271", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/5ccb0420b7c9334ab8122037847101931b899301", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfuse: write inode in fuse_release()\n\nA race between write(2) and close(2) allows pages to be dirtied after\nfuse_flush -> write_inode_now(). If these pages are not flushed from\nfuse_release(), then there might not be a writable open file later. So any\nremaining dirty pages must be written back before the file is released.\n\nThis is a partial revert of the blamed commit."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: fuse: escritura de inodo en fuse_release(). Una competencia entre write(2) y close(2) permite que las p\u00e1ginas se ensucien despu\u00e9s de fuse_flush -> write_inode_now(). Si estas p\u00e1ginas no se vac\u00edan desde fuse_release(), es posible que no haya ning\u00fan archivo abierto con permisos de escritura posteriormente. Por lo tanto, cualquier p\u00e1gina sucia restante debe reescribirse antes de liberar el archivo. Esta es una reversi\u00f3n parcial de el commit responsable."}], "lastModified": "2025-11-19T12:59:47.080", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5B42E453-8837-49D0-A5EF-03F818A6DC11", "versionEndExcluding": "5.18.18", "versionStartIncluding": "5.16"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A1A2A5A5-4598-4D7E-BA07-4660398D6C8F", "versionEndExcluding": "5.19.2", "versionStartIncluding": "5.19"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}