CVE-2023-52810
fs/jfs: Add check for negative db_l2nbperpage
Vexday Risk Score
21Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 8.4EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
21 may 2024Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
In the Linux kernel, the following vulnerability has been resolved:
fs/jfs: Add check for negative db_l2nbperpage
l2nbperpage is log2(number of blks per page), and the minimum legal
value should be 0, not negative.
In the case of l2nbperpage being negative, an error will occur
when subsequently used as shift exponent.
Syzbot reported this bug:
UBSAN: shift-out-of-bounds in fs/jfs/jfs_dmap.c:799:12
shift exponent -16777216 is negative
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Productos afectados
Linux · Linux¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
https://git.kernel.org/stable/c/0cb567e727339a192f9fd0db00781d73a91d15a6https://git.kernel.org/stable/c/1a7c53fdea1d189087544d9a606d249e93c4934bhttps://git.kernel.org/stable/c/491085258185ffc4fb91555b0dba895fe7656a45https://git.kernel.org/stable/c/524b4f203afcf87accfe387e846f33f916f0c907https://git.kernel.org/stable/c/525b861a008143048535011f3816d407940f4bfahttps://git.kernel.org/stable/c/5f148b16972e5f4592629b244d5109b15135f53fhttps://git.kernel.org/stable/c/8f2964df6bfce9d92d81ca552010b8677af8d9dchttps://git.kernel.org/stable/c/a81a56b4cbe3142cc99f6b98e8f9b3a631c768e1https://git.kernel.org/stable/c/cc61fcf7d1c99f148fe8ddfb5c6ed0bb75861f01