VDB
CISA-2023-52810
CISA-2023-52810
PUBLISHED
CVSS 8.4 HIGH
Reported by Linux · Published May 21, 2024
In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Add check for negative db_l2nbperpage l2nbperpage is log2(number of blks per page), and the minimum legal value should be 0, not negative. In the case of l2nbperpage being negative, an error will occur when subsequently used as shift exponent. Syzbot reported this bug: UBSAN: shift-out-of-bounds in fs/jfs/jfs_dmap.c:799:12 shift exponent -16777216 is negative
Risk Scores
CVSS 3.1
8.4
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 |
| Linux | Linux | 2.6.12, 0, 4.14.331 |
| Linux | Linux | 4.19.300, 0, 6.7 |
| linux | linux_kernel | 1da177e4c3f4, 1da177e4c3f4, 1da177e4c3f4 |
| linux | linux_kernel | 2.6.12, 2.6.12, 2.6.12 |
Timeline
- May 21, 2024 CVE Published
- Jan 5, 2026 CVE Updated