CVE-2022-50217
fuse: write inode in fuse_release()
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS —EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
18 jun 2025Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
In the Linux kernel, the following vulnerability has been resolved:
fuse: write inode in fuse_release()
A race between write(2) and close(2) allows pages to be dirtied after
fuse_flush -> write_inode_now(). If these pages are not flushed from
fuse_release(), then there might not be a writable open file later. So any
remaining dirty pages must be written back before the file is released.
This is a partial revert of the blamed commit.
Productos afectados
Linux · Linux