CVE-2022-49761

Summary

CVE-2022-49761 is a vulnerability affecting the Linux kernel's btrfs file system. This issue, which resides in the run_one_delayed_ref() function, results in insufficient error reporting. When this error occurs, no useful information is provided for debugging purposes, potentially leading to user frustration and limited ability to resolve the problem. To mitigate this issue, the patch adds detailed error reporting information, including logical byte number, number of bytes, type, action, and ref_mod. It also replaces the btrfs_debug() function with btrfs_err() and moves the error reporting within run_one_delayed_ref() to avoid use-after-free. The error should only be triggered once, and if it does occur, the call chain will error out, aborting the current transaction and causing no new error messages in subsequent transactions.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.