{
  "affected": [
    {
      "ranges": [
        {
          "events": [
            {
              "introduced": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2"
            },
            {
              "fixed": "bd8d7daa0e53b184a2f3c6e0d47330780d0a0650"
            },
            {
              "fixed": "21d490232f323ed4053eb9924615e6fea291f154"
            },
            {
              "fixed": "07793d2e55563124108762f4e5f811db92ffe02f"
            },
            {
              "fixed": "fe41ad8be036a3de3e4bdde709551aeb4de2fe7d"
            },
            {
              "fixed": "b230f2d9441a34c7f483d39ab78519bcf73cc2e0"
            },
            {
              "fixed": "24ab2d4ef52c2dbb62a60844b87fc8872383407a"
            },
            {
              "fixed": "115fae2c1566eacc5ad2055f72521354612e72c3"
            },
            {
              "fixed": "c641087d381a08363e5f14179bc6b0a23eca7c47"
            },
            {
              "fixed": "714fbf2647b1a33d914edd695d4da92029c7e7c0"
            }
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "type": "GIT"
        }
      ]
    }
  ],
  "database_specific": {
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49166.json"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nntfs: add sanity check on allocation size\n\nntfs_read_inode_mount invokes ntfs_malloc_nofs with zero allocation\nsize.  It triggers one BUG in the __ntfs_malloc function.\n\nFix this by adding sanity check on ni-\u003eattr_list_size.",
  "id": "CVE-2022-49166",
  "modified": "2026-04-01T23:09:59.392977687Z",
  "published": "2025-02-26T01:55:25.528Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/07793d2e55563124108762f4e5f811db92ffe02f"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/115fae2c1566eacc5ad2055f72521354612e72c3"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/21d490232f323ed4053eb9924615e6fea291f154"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/24ab2d4ef52c2dbb62a60844b87fc8872383407a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/714fbf2647b1a33d914edd695d4da92029c7e7c0"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b230f2d9441a34c7f483d39ab78519bcf73cc2e0"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/bd8d7daa0e53b184a2f3c6e0d47330780d0a0650"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c641087d381a08363e5f14179bc6b0a23eca7c47"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/fe41ad8be036a3de3e4bdde709551aeb4de2fe7d"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49166.json"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49166"
    },
    {
      "type": "PACKAGE",
      "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"
    }
  ],
  "schema_version": "1.7.3",
  "summary": "ntfs: add sanity check on allocation size"
}