CVE-2023-52810

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-52810
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-52810.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-52810
Downstream
Related
Published
2024-05-21T15:31:19.629Z
Modified
2026-03-14T12:23:14.797606Z
Severity
  • 8.4 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
fs/jfs: Add check for negative db_l2nbperpage
Details

In the Linux kernel, the following vulnerability has been resolved:

fs/jfs: Add check for negative db_l2nbperpage

l2nbperpage is log2(number of blks per page), and the minimum legal value should be 0, not negative.

In the case of l2nbperpage being negative, an error will occur when subsequently used as shift exponent.

Syzbot reported this bug:

UBSAN: shift-out-of-bounds in fs/jfs/jfs_dmap.c:799:12 shift exponent -16777216 is negative

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52810.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Fixed
cc61fcf7d1c99f148fe8ddfb5c6ed0bb75861f01
Fixed
8f2964df6bfce9d92d81ca552010b8677af8d9dc
Fixed
a81a56b4cbe3142cc99f6b98e8f9b3a631c768e1
Fixed
524b4f203afcf87accfe387e846f33f916f0c907
Fixed
5f148b16972e5f4592629b244d5109b15135f53f
Fixed
0cb567e727339a192f9fd0db00781d73a91d15a6
Fixed
491085258185ffc4fb91555b0dba895fe7656a45
Fixed
1a7c53fdea1d189087544d9a606d249e93c4934b
Fixed
525b861a008143048535011f3816d407940f4bfa

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-52810.json"