CVE-2022-49064

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2022-49064
In the Linux kernel, the following vulnerability has been resolved: cachefiles: unmark inode in use in error path Unmark inode in use if error encountered. If the in-use flag leakage occurs in cachefiles_open_file(), Cachefiles will complain "Inode already in use" when later another cookie with the same index key is looked up. If the in-use flag leakage occurs in cachefiles_create_tmpfile(), though the "Inode already in use" warning won't be triggered, fix the leakage anyway.

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://git.kernel.org/stable/c/b2055abafd3d4ee0376fb3eed5cae866316995a1 Patch
https://git.kernel.org/stable/c/ea5dc046127e857a7873ae55fd57c866e9e86fb2 Patch
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.18:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.18:rc2:*:*:*:*:*:*
History

14 Oct 2025, 19:04

Type Values Removed Values Added
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: cachefiles: desmarcar inodo en uso en ruta de error Desmarcar inodo en uso si se encuentra un error. Si la fuga de la bandera en uso ocurre en cachefiles_open_file(), Cachefiles mostrará el mensaje "Inodo ya en uso" cuando más tarde se busque otra cookie con la misma clave de índice. Si la fuga de la bandera en uso ocurre en cachefiles_create_tmpfile(), aunque no se active la advertencia "Inodo ya en uso", solucione la fuga de todos modos.
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.5
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.18:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.18:rc1:*:*:*:*:*:*
References () https://git.kernel.org/stable/c/b2055abafd3d4ee0376fb3eed5cae866316995a1 - () https://git.kernel.org/stable/c/b2055abafd3d4ee0376fb3eed5cae866316995a1 - Patch
References () https://git.kernel.org/stable/c/ea5dc046127e857a7873ae55fd57c866e9e86fb2 - () https://git.kernel.org/stable/c/ea5dc046127e857a7873ae55fd57c866e9e86fb2 - Patch
CWE NVD-CWE-noinfo
First Time Linux linux Kernel
Linux

26 Feb 2025, 07:00

Type Values Removed Values Added
New CVE
Information

Published : 2025-02-26 07:00

Updated : 2025-10-14 19:04

NVD link : CVE-2022-49064

Mitre link : CVE-2022-49064

CVE.ORG link : CVE-2022-49064

JSON object : View

Products Affected

linux

  • linux_kernel
CWE
NVD-CWE-noinfo