fkie_cve-2023-52810
Vulnerability from fkie_nvd
Published
2024-05-21 16:15
Modified
2024-11-21 08:40
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved:

fs/jfs: Add check for negative db_l2nbperpage

l2nbperpage is log2(number of blks per page), and the minimum legal
value should be 0, not negative.

In the case of l2nbperpage being negative, an error will occur
when subsequently used as shift exponent.

Syzbot reported this bug:

UBSAN: shift-out-of-bounds in fs/jfs/jfs_dmap.c:799:12
shift exponent -16777216 is negative
References
{ "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/jfs: Add check for negative db_l2nbperpage\n\nl2nbperpage is log2(number of blks per page), and the minimum legal\nvalue should be 0, not negative.\n\nIn the case of l2nbperpage being negative, an error will occur\nwhen subsequently used as shift exponent.\n\nSyzbot reported this bug:\n\nUBSAN: shift-out-of-bounds in fs/jfs/jfs_dmap.c:799:12\nshift exponent -16777216 is negative" }, { "lang": "es", "value": " En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: fs/jfs: agregue verificaci\u00f3n para db_l2nbperpage negativo, l2nbperpage es log2 (n\u00famero de bloques por p\u00e1gina) y el valor m\u00ednimo legal debe ser 0, no negativo. En el caso de que l2nbperpage sea negativo, se producir\u00e1 un error cuando se utilice posteriormente como exponente de desplazamiento. Syzbot inform\u00f3 este error: UBSAN: desplazamiento fuera de los l\u00edmites en fs/jfs/jfs_dmap.c:799:12 el exponente de desplazamiento -16777216 es negativo" } ], "id": "CVE-2023-52810", "lastModified": "2024-11-21T08:40:38.193", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.5, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "2024-05-21T16:15:19.270", "references": [ { "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/0cb567e727339a192f9fd0db00781d73a91d15a6" }, { "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": 
"https://git.kernel.org/stable/c/1a7c53fdea1d189087544d9a606d249e93c4934b" }, { "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/491085258185ffc4fb91555b0dba895fe7656a45" }, { "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/524b4f203afcf87accfe387e846f33f916f0c907" }, { "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/525b861a008143048535011f3816d407940f4bfa" }, { "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/5f148b16972e5f4592629b244d5109b15135f53f" }, { "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/8f2964df6bfce9d92d81ca552010b8677af8d9dc" }, { "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/a81a56b4cbe3142cc99f6b98e8f9b3a631c768e1" }, { "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/cc61fcf7d1c99f148fe8ddfb5c6ed0bb75861f01" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/0cb567e727339a192f9fd0db00781d73a91d15a6" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/1a7c53fdea1d189087544d9a606d249e93c4934b" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/491085258185ffc4fb91555b0dba895fe7656a45" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/524b4f203afcf87accfe387e846f33f916f0c907" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/525b861a008143048535011f3816d407940f4bfa" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/5f148b16972e5f4592629b244d5109b15135f53f" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/8f2964df6bfce9d92d81ca552010b8677af8d9dc" }, { 
"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/a81a56b4cbe3142cc99f6b98e8f9b3a631c768e1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/cc61fcf7d1c99f148fe8ddfb5c6ed0bb75861f01" } ], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-1335" } ], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }
Sightings
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.