{ "affected": [ { "ranges": [ { "events": [ { "introduced": "36ea23374d1f7b6a9d96a2b61d38830fdf23e45d" }, { "fixed": "5ccb0420b7c9334ab8122037847101931b899301" }, { "fixed": "4bd9d5d20f344d015422969302d12653c903c271" }, { "fixed": "035ff33cf4db101250fb980a3941bf078f37a544" } ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "type": "GIT" } ] } ], "database_specific": { "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50217.json" }, "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nfuse: write inode in fuse_release()\n\nA race between write(2) and close(2) allows pages to be dirtied after\nfuse_flush -\u003e write_inode_now(). If these pages are not flushed from\nfuse_release(), then there might not be a writable open file later. So any\nremaining dirty pages must be written back before the file is released.\n\nThis is a partial revert of the blamed commit.", "id": "CVE-2022-50217", "modified": "2026-04-01T23:09:55.205358487Z", "published": "2025-06-18T11:03:53.451Z", "references": [ { "type": "WEB", "url": "https://git.kernel.org/stable/c/035ff33cf4db101250fb980a3941bf078f37a544" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/4bd9d5d20f344d015422969302d12653c903c271" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/5ccb0420b7c9334ab8122037847101931b899301" }, { "type": "ADVISORY", "url": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50217.json" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50217" }, { "type": "PACKAGE", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git" } ], "schema_version": "1.7.3", "summary": "fuse: write inode in fuse_release()" }