cve 2022 47085

CVE-2022-47085 is a denial-of-service vulnerability in OSTree's Rust bindings, specifically in the panic-handling routine within repo_checkout_filter.rs. The flaw allowed a double-unwind or abort scenario when the panic-printing helper itself panicked while reporting a prior panic, enabling an attacker to crash OSTree-driven components. The issue affects OSTree releases before the 2022.7/0.17.1 line and was fixed by replacing eprintln!-based reporting with a direct stderr write. Discussions on WindowsForum.com cover the technical details, impact on systems using OSTree, and the patch applied to resolve the vulnerability.