1. Home
  2. Vulnerabilities
  3. CVE-2022-50497
0.0
NA
CVE-2022-50497
binfmt_misc: fix shift-out-of-bounds in check_special_flags
Description

In the Linux kernel, the following vulnerability has been resolved: binfmt_misc: fix shift-out-of-bounds in check_special_flags UBSAN reported a shift-out-of-bounds warning: left shift of 1 by 31 places cannot be represented in type 'int' Call Trace: <TASK> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x8d/0xcf lib/dump_stack.c:106 ubsan_epilogue+0xa/0x44 lib/ubsan.c:151 __ubsan_handle_shift_out_of_bounds+0x1e7/0x208 lib/ubsan.c:322 check_special_flags fs/binfmt_misc.c:241 [inline] create_entry fs/binfmt_misc.c:456 [inline] bm_register_write+0x9d3/0xa20 fs/binfmt_misc.c:654 vfs_write+0x11e/0x580 fs/read_write.c:582 ksys_write+0xcf/0x120 fs/read_write.c:637 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x34/0x80 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x63/0xcd RIP: 0033:0x4194e1 Since the type of Node's flags is unsigned long, we should define these macros with same type too.

INFO

Published Date :

Oct. 4, 2025, 4:15 p.m.

Last Modified :

Oct. 6, 2025, 2:56 p.m.

Remotely Exploit :

No

Source :

416baaa9-dc9f-4396-8d5f-8c081fb06d67
Affected Products

The following products are affected by CVE-2022-50497 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Linux linux_kernel
: Total Affected Vendor : 1 | Products : 1
Solution
Address shift-out-of-bounds by redefining flags macros with unsigned long type.
  • Update kernel to incorporate the fix.
  • Ensure flags macros use unsigned long.
  • Recompile the kernel.
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2022-50497.

URL Resource
https://git.kernel.org/stable/c/0f1a48994b3e516d5c7fd5d12204fdba7a604771
https://git.kernel.org/stable/c/419b808504c26b3e3342365f34ccd0843e09a7f8
https://git.kernel.org/stable/c/6a46bf558803dd2b959ca7435a5c143efe837217
https://git.kernel.org/stable/c/88cea1676a09f7c45a1438153a126610c33b1590
https://git.kernel.org/stable/c/97382a2639b1cd9631f6069061e9d7062cd2b098
https://git.kernel.org/stable/c/a651bb5ff997b9f02662bcdef3d8b4e6f0d79656
https://git.kernel.org/stable/c/a91123d4bda463469f68f0427adabf8108001f94
https://git.kernel.org/stable/c/dcbc51d31d0afbd45e830e3cf565a7b3ca7bf0d8
https://git.kernel.org/stable/c/ea6145370be8016755c43aca799815fc4b8c88b1
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2022-50497 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2022-50497 weaknesses.

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2022-50497 vulnerability anywhere in the article.

Results are limited to the first 20 news articles due to potential performance issues.

The following table lists the changes that have been made to the CVE-2022-50497 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Oct. 04, 2025

    Action Type Old Value New Value
    Added Description In the Linux kernel, the following vulnerability has been resolved: binfmt_misc: fix shift-out-of-bounds in check_special_flags UBSAN reported a shift-out-of-bounds warning: left shift of 1 by 31 places cannot be represented in type 'int' Call Trace: <TASK> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x8d/0xcf lib/dump_stack.c:106 ubsan_epilogue+0xa/0x44 lib/ubsan.c:151 __ubsan_handle_shift_out_of_bounds+0x1e7/0x208 lib/ubsan.c:322 check_special_flags fs/binfmt_misc.c:241 [inline] create_entry fs/binfmt_misc.c:456 [inline] bm_register_write+0x9d3/0xa20 fs/binfmt_misc.c:654 vfs_write+0x11e/0x580 fs/read_write.c:582 ksys_write+0xcf/0x120 fs/read_write.c:637 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x34/0x80 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x63/0xcd RIP: 0033:0x4194e1 Since the type of Node's flags is unsigned long, we should define these macros with same type too.
    Added Reference https://git.kernel.org/stable/c/0f1a48994b3e516d5c7fd5d12204fdba7a604771
    Added Reference https://git.kernel.org/stable/c/419b808504c26b3e3342365f34ccd0843e09a7f8
    Added Reference https://git.kernel.org/stable/c/6a46bf558803dd2b959ca7435a5c143efe837217
    Added Reference https://git.kernel.org/stable/c/88cea1676a09f7c45a1438153a126610c33b1590
    Added Reference https://git.kernel.org/stable/c/97382a2639b1cd9631f6069061e9d7062cd2b098
    Added Reference https://git.kernel.org/stable/c/a651bb5ff997b9f02662bcdef3d8b4e6f0d79656
    Added Reference https://git.kernel.org/stable/c/a91123d4bda463469f68f0427adabf8108001f94
    Added Reference https://git.kernel.org/stable/c/dcbc51d31d0afbd45e830e3cf565a7b3ca7bf0d8
    Added Reference https://git.kernel.org/stable/c/ea6145370be8016755c43aca799815fc4b8c88b1
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
Vulnerability Scoring Details
No CVSS metrics available for this vulnerability.