Wiz
Vulnerability DatabaseCVE-2022-50020

CVE-2022-50020
Linux Kernel vulnerability analysis and mitigation

Overview

CVE-2022-50020 affects the Linux kernel's ext4 filesystem implementation. The vulnerability was discovered and disclosed on June 18, 2025. The issue involves attempting to resize the filesystem to an unaligned cluster boundary, which can lead to filesystem corruption (NVD, Wiz).

Technical details

The vulnerability occurs during filesystem resize operations when the target size is not properly aligned with cluster boundaries. When an online resize is attempted with a size that is not an integral multiple of the cluster size, it causes the final resize iteration to attempt growing the filesystem by a negative value. This triggers a BUG_ON condition in the kernel code and results in corruption of the filesystem's in-memory superblock structure (Wiz).

Impact

When exploited, this vulnerability leads to filesystem corruption through a corrupted in-memory superblock. The issue affects the stability and integrity of the ext4 filesystem, potentially causing system crashes and data integrity issues (Wiz).

Mitigation and workarounds

A patch has been developed to avoid attempting to resize the filesystem to an unaligned cluster boundary. The fix prevents the filesystem from being resized to sizes that are not integral multiples of the cluster size (Wiz).

Additional resources

SourceThis report was generated using AI

Related Linux Kernel vulnerabilities:

CVE ID

Severity

Score

Technologies

Component name

CISA KEV exploit

Has fix

Published date

CVE-2025-40258HIGH7
  • Linux KernelLinux Kernel
  • kernel-zfcpdump-devel-matched
NoNoDec 04, 2025
CVE-2025-40259MEDIUM6.2
  • Linux KernelLinux Kernel
  • kernel-64k-devel
NoNoDec 04, 2025
CVE-2025-40264MEDIUM5.5
  • Linux KernelLinux Kernel
  • kernel-rt-64k-debug-kvm
NoNoDec 04, 2025
CVE-2025-40254MEDIUM5.5
  • Linux KernelLinux Kernel
  • kernel-modules-partner
NoNoDec 04, 2025
CVE-2025-40253MEDIUM5.5
  • Linux KernelLinux Kernel
  • python3-perf
NoNoDec 04, 2025

Free Vulnerability Assessment

Benchmark your Cloud Security Posture

Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.

Request assessment

Additional Wiz resources

Cloud Vulnerability DB

Cloud Vulnerability DB

A community-led vulnerabilities database

Cloud Threat Landscape

Cloud Threat Landscape

A threat intelligence database

PEACH

PEACH

A tenant isolation framework

Get a personalized demo

Ready to see Wiz in action?

"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management
Get a demo