CVE-2022-50845
Unknown Unknown - Not Provided
Inode Leak Vulnerability in Linux ext4 Causes Filesystem Errors

Publication date: 2025-12-30

Last updated on: 2025-12-30

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: ext4: fix inode leak in ext4_xattr_inode_create() on an error path There is issue as follows when do setxattr with inject fault: [localhost]# fsck.ext4 -fn /dev/sda e2fsck 1.46.6-rc1 (12-Sep-2022) Pass 1: Checking inodes, blocks, and sizes Pass 2: Checking directory structure Pass 3: Checking directory connectivity Pass 4: Checking reference counts Unattached zero-length inode 15. Clear? no Unattached inode 15 Connect to /lost+found? no Pass 5: Checking group summary information /dev/sda: ********** WARNING: Filesystem still has errors ********** /dev/sda: 15/655360 files (0.0% non-contiguous), 66755/2621440 blocks This occurs in 'ext4_xattr_inode_create()'. If 'ext4_mark_inode_dirty()' fails, dropping i_nlink of the inode is needed. Or will lead to inode leak.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-30
Last Modified
2025-12-30
Generated
2026-06-16
AI Q&A
2025-12-30
EPSS Evaluated
2026-06-14
NVD
CVE-2022-50845
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is an inode leak in the ext4 filesystem of the Linux kernel. Specifically, it occurs in the function ext4_xattr_inode_create() when setting extended attributes (setxattr) with an injected fault. If the function ext4_mark_inode_dirty() fails, the inode's link count (i_nlink) is not properly dropped, leading to an inode leak. This means that some inodes remain unattached and unused, causing filesystem errors.

Impact Analysis

The inode leak can cause filesystem inconsistencies and errors, as shown by the output of fsck.ext4 indicating unattached inodes and warnings about filesystem errors. This can lead to corrupted filesystem metadata, potential data loss, and degraded filesystem integrity.

Detection Guidance

This vulnerability can be detected by checking for inode leaks or filesystem errors related to ext4. You can use the command `fsck.ext4 -fn /dev/sda` to perform a filesystem check in a non-destructive, read-only mode. If the vulnerability is present, you may see warnings about unattached or zero-length inodes, such as 'Unattached zero-length inode' or 'Filesystem still has errors'.

Mitigation Strategies

Immediate mitigation involves running filesystem checks and repairs using tools like `fsck.ext4` to identify and fix inode leaks. Additionally, updating the Linux kernel to a version where this ext4 inode leak issue in `ext4_xattr_inode_create()` is fixed is recommended to prevent the vulnerability from being exploited.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2022-50845. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart