CVE-2023-52799
jfs: fix array-index-out-of-bounds in dbFindLeaf
Vexday Risk Score
3 (Low)
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS: — | EPSS: 0.3% | KEV: no | PoC: — | Nuclei: — | Metasploit: — | Patch: —
Lifecycle
21 May 2024: Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
In the Linux kernel, the following vulnerability has been resolved:
jfs: fix array-index-out-of-bounds in dbFindLeaf
Currently while searching for dmtree_t for sufficient free blocks there
is an array out of bounds while getting element in tp->dm_stree. To add
the required check for out of bound we first need to determine the type
of dmtree. Thus added an extra parameter to dbFindLeaf so that the type
of tree can be determined and the required check can be applied.
Affected products
Linux · Linux
References
https://git.kernel.org/stable/c/20f9310a18e3e99fc031e036fcbed67105ae1859
https://git.kernel.org/stable/c/22cad8bc1d36547cdae0eef316c47d917ce3147c
https://git.kernel.org/stable/c/81aa58cd8495b8c3b527f58ccbe19478d8087f61
https://git.kernel.org/stable/c/86df90f3fea7c5591f05c8a0010871d435e83046
https://git.kernel.org/stable/c/87c681ab49e99039ff2dd3e71852417381b13878
https://git.kernel.org/stable/c/88b7894a8f8705bf4e7ea90b10229376abf14514
https://git.kernel.org/stable/c/a50b796d36719757526ee094c703378895ab5e67
https://git.kernel.org/stable/c/da3da5e1e6f71c21d8e6149d7076d936ef5d4cb9
https://git.kernel.org/stable/c/ecfb47f13b08b02cf28b7b50d4941eefa21954d2