CVE-2022-0617: 
Linux Kernel vulnerability analysis and mitigation

A NULL pointer dereference vulnerability (CVE-2022-0617) was discovered in the Linux kernel's UDF file system functionality, affecting versions from Linux kernel 4.2-rc1 till 5.17-rc2. The vulnerability was found in the way user triggers udffilewrite_iter function for malicious UDF image (CVE Details, MITRE CVE).

The vulnerability occurs in the udfexpandfileadinicb() function which calls directly ->writepage to write data expanded into a page. This implementation misses to setup inode for writeback properly, leading to a NULL pointer dereference when submitting page for IO. The issue manifests when attempting to dereference inode->iwb during the writeback process (Kernel Commit).

A local user with the ability to mount a specially crafted UDF image could exploit this vulnerability to cause a denial of service by crashing the system (Debian Security, Ubuntu Security).

The issue was fixed in the Linux kernel through two commits: one addressing the NULL pointer dereference by marking the page dirty and using the standard writeback path (7fc3b7c2981bbd1047916ade327beccb90994eee), and another restoring i_lenAlloc when inode expansion fails (ea8569194b43f0f01f0a84c689388542c7254a1f). Various Linux distributions have released patches for their respective kernel versions (Debian Security).