CVE-2022-50839
Reference Count Leak in Linux Kernel jbd2 Component Causes Resource Exhaustion
Publication date: 2025-12-30
Last updated on: 2025-12-30
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in the Linux kernel's jbd2 subsystem involves a potential buffer head reference count leak. Specifically, in the function 'jbd2_fc_wait_bufs', if a buffer isn't up to date, the function returns an error (-EIO) without updating the 'journal->j_fc_off' offset. Later, 'jbd2_fc_release_bufs' may release a buffer head based on an outdated offset, which can lead to a reference count leak of the buffer head. The fix involves updating 'journal->j_fc_off' before returning the error to prevent this leak.
How can this vulnerability impact me? :
This vulnerability can lead to a buffer head reference count leak in the Linux kernel's journaling subsystem. Such a leak may cause resource exhaustion or instability in the system due to unreleased buffer heads, potentially affecting system reliability and performance.