CVE-2022-50519

MEDIUM
2025-10-07 416baaa9-dc9f-4396-8d5f-8c081fb06d67
5.5
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

3
Analysis Generated
Mar 17, 2026 - 20:45 vuln.today
Patch Released
Mar 17, 2026 - 20:45 nvd
Patch available
CVE Published
Oct 07, 2025 - 16:15 nvd
MEDIUM 5.5

Tags

Linux Denial Of Service Linux Kernel Redhat Suse

Description

In the Linux kernel, the following vulnerability has been resolved: nilfs2: replace WARN_ONs by nilfs_error for checkpoint acquisition failure If creation or finalization of a checkpoint fails due to anomalies in the checkpoint metadata on disk, a kernel warning is generated. This patch replaces the WARN_ONs by nilfs_error, so that a kernel, booted with panic_on_warn, does not panic. A nilfs_error is appropriate here to handle the abnormal filesystem condition. This also replaces the detected error codes with an I/O error so that neither of the internal error codes is returned to callers.

Analysis

This vulnerability in the Linux kernel's NILFS2 filesystem causes a kernel panic when the system is booted with panic_on_warn enabled and checkpoint metadata corruption is detected. A local attacker with standard user privileges can trigger this denial of service by crafting malicious NILFS2 filesystem images or corrupting checkpoint metadata on disk, causing the kernel to panic and crash the system. The vulnerability affects multiple Linux kernel versions across several stable branches, with patches available from the vendor, but EPSS exploitation probability remains very low at 0.01 percentile, indicating this is not actively exploited in the wild.

Technical Context

NILFS2 is a log-structured filesystem in the Linux kernel that uses checkpoints for consistent state recovery. The vulnerability exists in the checkpoint acquisition and finalization logic (affected code in fs/nilfs2/) where the original implementation used WARN_ON macros to detect anomalies in on-disk checkpoint metadata. When checkpoint creation or finalization fails due to corrupted metadata, these WARN_ONs would trigger kernel warnings. On systems booted with panic_on_warn=1 (a hardening parameter that converts all kernel warnings into panics), this unintended side effect causes a denial of service rather than graceful error handling. The fix replaces WARN_ON calls with proper nilfs_error() handlers that log filesystem errors without triggering panic-inducing warnings, and converts internal error codes to standard I/O errors for proper error propagation to userspace callers. This falls under the category of improper error handling where defensive warnings were used instead of appropriate error management mechanisms.

Affected Products

The Linux kernel versions affected by CVE-2022-50519 span multiple stable branches including the 5.4, 5.10, 5.15, 5.18, 5.19, 6.0, and 6.1 series, as indicated by the multiple stable kernel patches committed to git.kernel.org. The vulnerability specifically impacts the NILFS2 filesystem implementation present in cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* across all affected versions. Organizations using NILFS2 filesystems on any of these kernel versions are potentially affected, though the vulnerability only manifests when a system is specifically booted with panic_on_warn kernel parameter enabled. Patches are available from the Linux kernel stable branches at the commit references provided (commits 090fcfb6edeb9367a915b2749e2bd1f8b48d8898 and others in the git.kernel.org stable tree).

Remediation

Update the Linux kernel to a patched version that includes the NILFS2 checkpoint error handling fixes. The primary remediation is to upgrade to the latest stable kernel version in your branch (5.4.x, 5.10.x, 5.15.x, 5.18.x, 5.19.x, 6.0.x, or 6.1.x series or later) from git.kernel.org/stable. For distributions like Ubuntu, Debian, RHEL, or SUSE, apply the latest kernel security updates through your distribution's package management system. If immediate patching is not feasible, mitigation can be achieved by disabling the panic_on_warn kernel parameter if it was explicitly enabled, though this reduces other hardening benefits. Organizations using NILFS2 filesystems should prioritize this update as part of regular security patching cycles, and should validate filesystem integrity using existing tools if NILFS2 images may have been exposed to untrusted sources. The vendor patches are available at https://git.kernel.org/stable/ as referenced in the official CVE documentation.

Priority Score

28
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +28
POC: 0

Vendor Status

Share

CVE-2022-50519 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy