CVE-2022-49062: In the Linux kernel, the following vulnerability has been resolved: cachefiles: Fix KASAN slab-out-of-bounds in cachefi
highvulnerability
security
Summary
A Linux kernel bug in cachefiles (a file caching system) caused a slab-out-of-bounds error (KASAN, a memory safety detector, caught code writing outside allocated memory) when setting extended attributes on cached volumes. The fix uses the actual length of volume coherency data (metadata describing consistency) instead of an incorrect length when writing the attribute.
Solution / Mitigation
Use the actual length of volume coherency data when setting the xattr to avoid the slab-out-of-bounds write error in cachefiles_set_volume_xattr.
Vulnerability Details
CVSS Score
7.8(high)
EPSS (30-day exploit probability)
EPSS: 0.0%
Classification
Attack SophisticationModerate
Original source: https://nvd.nist.gov/vuln/detail/CVE-2022-49062
First tracked: February 15, 2026 at 08:52 PM
Classified by LLM (prompt v3) · confidence: 95%