CVE-2022-50344
📋 TL;DR
A null pointer dereference vulnerability in the Linux kernel's ext4 filesystem allows local attackers to cause a kernel panic (denial of service) during system unmount operations. This affects Linux systems using ext4 filesystems where an attacker has local access. The vulnerability occurs when the root directory pointer becomes NULL during unmount while quota operations are still in progress.
💻 Affected Systems
- Linux Kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Local attacker triggers kernel panic leading to system crash and denial of service, potentially causing data corruption or loss if filesystems aren't properly unmounted.
Likely Case
Local user causes system crash during unmount operations, resulting in temporary denial of service until system reboot.
If Mitigated
System remains stable with proper patching; unmount operations complete normally without crashes.
🎯 Exploit Status
Exploitation requires local access and specific timing during filesystem unmount; not trivial but possible for determined attackers.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Linux kernel stable releases containing commit 3638aa1c7d87c0ca0aef23cf58cae2c48e7daca4 or later
Vendor Advisory: https://git.kernel.org/stable/c/3638aa1c7d87c0ca0aef23cf58cae2c48e7daca4
Restart Required: No
Instructions:
1. Update Linux kernel to patched version from your distribution's repositories. 2. For custom kernels, apply the ext4 fix commit. 3. Reboot to load new kernel.
🔧 Temporary Workarounds
Disable disk quotas
LinuxDisable disk quota support on ext4 filesystems to prevent the vulnerable code path from being executed
tune2fs -Q ^usrquota,^grpquota /dev/device
mount -o remount,noquota /mountpoint
🧯 If You Can't Patch
- Restrict local user access to prevent untrusted users from triggering unmount operations
- Monitor for crash events and implement rapid recovery procedures
🔍 How to Verify
Check if Vulnerable:
Check kernel version and if ext4 with quotas is in use: 'uname -r' and 'mount | grep ext4'Check Version:
uname -rVerify Fix Applied:
Verify kernel version is patched: 'uname -r' should show version containing the fix commit📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages in /var/log/messages or dmesg
- Null pointer dereference errors mentioning ext4_write_info
- System crash during unmount operations
Network Indicators:
- None - local vulnerability only
SIEM Query:
source="kernel" AND ("null-ptr-deref" OR "ext4_write_info" OR "KASAN: null-ptr-deref")🔗 References
- https://git.kernel.org/stable/c/3638aa1c7d87c0ca0aef23cf58cae2c48e7daca4
- https://git.kernel.org/stable/c/4a657319cfabd6199fd0b7b65bbebf6ded7a11c1
- https://git.kernel.org/stable/c/533c60a0b97cee5daab376933f486207e6680fb7
- https://git.kernel.org/stable/c/947264e00c46de19a016fd81218118c708fed2f3
- https://git.kernel.org/stable/c/bb420e8afc854d2a1caaa23a0c129839acfb7888
- https://git.kernel.org/stable/c/dc451578446afd03c0c21913993c08898a691435
- https://git.kernel.org/stable/c/f34ab95162763cd7352f46df169296eec28b688d
- https://git.kernel.org/stable/c/f4b5ff0b794aa94afac7269c494550ca2f66511b
- https://git.kernel.org/stable/c/f9c1f248607d5546075d3f731e7607d5571f2b60
