CVE-2022-49553
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-49553
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49553.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2022-49553
- Downstream
- Published
- 2025-02-26T07:01:31Z
- Modified
- 2025-08-09T19:01:27Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: validate BOOT sectorsperclusters
When the NTFS BOOT sectorsperclusters field is > 0x80, it represents a shift value. Make sure that the shift value is not too large before using it (NTFS max cluster size is 2MB). Return -EVINVAL if it too large.
This prevents negative shift values and shift values that are larger than the field size.
Prevents this UBSAN error:
UBSAN: shift-out-of-bounds in ../fs/ntfs3/super.c:673:16 shift exponent -192 is negative
- References