CVE-2022-50056

medium

Description

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix missing i_op in ntfs_read_mft There is null pointer dereference because i_op == NULL. The bug happens because we don't initialize i_op for records in $Extend.

References

https://git.kernel.org/stable/c/c293e8abc09e6e1faa50d967bd8862b1cbd575e5

https://git.kernel.org/stable/c/8089a1bc27b41e6800590a92d17c119e9aa8ff53

https://git.kernel.org/stable/c/37a530bfe56ca9a0d3129598803f2794c7428aae

Details

Source: Mitre, NVD

Published: 2025-06-18

Updated: 2025-06-18

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H