What is CVE-2022-50021?

CVE-2022-50021 is a High severity Linux kernel vulnerability with a CVSS score of 7.8 out of 10, classified as a Use After Free flaw (CWE-416), affecting Linux kernel versions from 3.2 onward and patched in 5.10.175, 5.15.103, 5.19.4 and others. CVE-2022-50021 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

What is the CVSS score for CVE-2022-50021?

CVE-2022-50021 has a CVSS score of 7.8 out of 10, rated High severity. The vector string is CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Is there a patch available for CVE-2022-50021?

Yes, CVE-2022-50021 has been patched. Fixed versions include 5.10.175, 5.15.103, 5.19.4 and others. If you are running Linux kernel 3.2 or later up to the fix versions, apply the relevant patch for your kernel branch.

Is CVE-2022-50021 actively exploited?

CVE-2022-50021 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

What is Use After Free (CWE-416)?

The product references memory after it has been freed, which may cause it to crash, use unexpected values, or execute code. See MITRE CWE for full details: https://cwe.mitre.org/data/definitions/416.html

CVE-2022-50021

High

In the Linux kernel, the following vulnerability has been resolved: ext4: block range must be validated before use in ext4_mb_clear_bb() Block range to free is validated in ext4_free_blocks() using ext4_inode_block_valid() and then it's passed to ext4_mb_clear_bb(). However in some situations on bigalloc file system the range might be adjusted after the validation in ext4_free_blocks() which can lead to troubles on corrupted file systems such as one found by syzkaller that resulted in the following BUG kernel BUG at fs/ext4/ext4.h:3319! PREEMPT SMP NOPTI CPU: 28 PID: 4243 Comm: repro Kdump: loaded Not tainted 5.19.0-rc6+ #1 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1.fc35 04/01/2014 RIP: 0010:ext4_free_blocks+0x95e/0xa90 Call Trace: <TASK> ? lock_timer_base+0x61/0x80 ? __es_remove_extent+0x5a/0x760 ? __mod_timer+0x256/0x380 ? ext4_ind_truncate_ensure_credits+0x90/0x220 ext4_clear_blocks+0x107/0x1b0 ext4_free_data+0x15b/0x170 ext4_ind_truncate+0x214/0x2c0 ? _raw_spin_unlock+0x15/0x30 ? ext4_discard_preallocations+0x15a/0x410 ? ext4_journal_check_start+0xe/0x90 ? __ext4_journal_start_sb+0x2f/0x110 ext4_truncate+0x1b5/0x460 ? __ext4_journal_start_sb+0x2f/0x110 ext4_evict_inode+0x2b4/0x6f0 evict+0xd0/0x1d0 ext4_enable_quotas+0x11f/0x1f0 ext4_orphan_cleanup+0x3de/0x430 ? proc_create_seq_private+0x43/0x50 ext4_fill_super+0x295f/0x3ae0 ? snprintf+0x39/0x40 ? sget_fc+0x19c/0x330 ? ext4_reconfigure+0x850/0x850 get_tree_bdev+0x16d/0x260 vfs_get_tree+0x25/0xb0 path_mount+0x431/0xa70 __x64_sys_mount+0xe2/0x120 do_syscall_64+0x5b/0x80 ? do_user_addr_fault+0x1e2/0x670 ? exc_page_fault+0x70/0x170 entry_SYSCALL_64_after_hwframe+0x46/0xb0 RIP: 0033:0x7fdf4e512ace Fix it by making sure that the block range is properly validated before used every time it changes in ext4_free_blocks() or ext4_mb_clear_bb().

Package Linux Kernel

Published 2025-06-18

Last modified 2025-11-13

CVSS version 3.1

Patch available

Yes

CVSS 3.1 score

7.8

out of 10

High

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Vector string

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Weakness type

CWE-416

CVE-2022-50021 is a Use After Free vulnerability

What is Use After Free?

The product references memory after it has been freed, which may cause it to crash, use unexpected values, or execute code. Learn more on MITRE CWE

Affected versions

Linux kernel versions 3.2 and later are affected. Fixed in 5.10.175, 5.15.103, 5.19.4, 6.0 and their respective stable series.

Affected from

≥ 3.2

Fixed in

✓ 5.10.175 5.10.x ✓ 5.15.103 5.15.x ✓ 5.19.4 5.19.x ✓ 6.0

References

The following references provide additional information about CVE-2022-50021 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.

Kernel patch commit
https://git.kernel.org/stable/c/1e1c2b86ef86a8477fd9b9a4f48a6bfe235606f6
Patch
Kernel patch commit
https://git.kernel.org/stable/c/560a2744cbbf03cac65a6394f9b0d99aa437c867
Patch
Kernel patch commit
https://git.kernel.org/stable/c/7550aade978371ac582f6d43b14c4cb89ca54463
Patch

4 patch commits total View all on NVD

Details

CVE ID CVE-2022-50021

Severity High

CVSS score 7.8 / 10

CVSS version 3.1

Published 2025-06-18

Modified 2025-11-13

KEV No

Patch

Yes

Package linux

Frequently asked questions

What is CVE-2022-50021?

CVE-2022-50021 is a High severity Linux kernel vulnerability with a CVSS score of 7.8 out of 10 , classified as an Use After Free flaw (CWE-416) . It affects Linux kernel versions from 3.2 onward and has been patched in 5.10.175, 5.15.103, 5.19.4 and others. CVE-2022-50021 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
What is the CVSS score for CVE-2022-50021?

CVE-2022-50021 has a CVSS score of 7.8 out of 10, rated High severity (CVSS 3.1). The vector string is CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.
Is there a patch available for CVE-2022-50021?

Yes — CVE-2022-50021 has been patched. Fixed versions include 5.10.175, 5.15.103, 5.19.4 and others. If you are running Linux kernel 3.2 or later up to the fix versions, apply the relevant patch for your kernel branch.
Is CVE-2022-50021 actively exploited?

No — CVE-2022-50021 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.
What is Use After Free (CWE-416)?

The product references memory after it has been freed, which may cause it to crash, use unexpected values, or execute code. View CWE-416 on MITRE CWE →