In the Linux kernel, the following vulnerability has been resolved:
jfs: Fix shift-out-of-bounds in dbDiscardAG
When searching for the next smaller log2 block, BLKSTOL2() returned 0, causing shift exponent -1 to be negative.
This patch fixes the issue by exiting the loop directly when negative shift is found.
{ "vanir_signatures": [ { "digest": { "line_hashes": [ "309045118228092035467389557744103721601", "323400147417896021317663318157591690322", "305586646653869412610276403351645677928", "279036341044186781587576115787838548826" ], "threshold": 0.9 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4de2c04c3acd5b84f50b0d2f8f09e9b2f42374b9", "signature_type": "Line", "target": { "file": "fs/jfs/jfs_dmap.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2024-44938-329d2b1c" }, { "digest": { "line_hashes": [ "309045118228092035467389557744103721601", "323400147417896021317663318157591690322", "305586646653869412610276403351645677928", "279036341044186781587576115787838548826" ], "threshold": 0.9 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@234e6ea0855cdb5673d54ecaf7dc5c78f3e84630", "signature_type": "Line", "target": { "file": "fs/jfs/jfs_dmap.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2024-44938-622af86e" }, { "digest": { "length": 1427.0, "function_hash": "260316348763047871076059734828379743632" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@234e6ea0855cdb5673d54ecaf7dc5c78f3e84630", "signature_type": "Function", "target": { "function": "dbDiscardAG", "file": "fs/jfs/jfs_dmap.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2024-44938-6b4cb726" }, { "digest": { "length": 1427.0, "function_hash": "260316348763047871076059734828379743632" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7063b80268e2593e58bee8a8d709c2f3ff93e2f2", "signature_type": "Function", "target": { "function": "dbDiscardAG", "file": "fs/jfs/jfs_dmap.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2024-44938-7703a335" }, { "digest": { "line_hashes": [ "309045118228092035467389557744103721601", "323400147417896021317663318157591690322", "305586646653869412610276403351645677928", "279036341044186781587576115787838548826" ], "threshold": 0.9 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7063b80268e2593e58bee8a8d709c2f3ff93e2f2", "signature_type": "Line", "target": { "file": "fs/jfs/jfs_dmap.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2024-44938-82ca14b7" }, { "digest": { "line_hashes": [ "309045118228092035467389557744103721601", "323400147417896021317663318157591690322", "305586646653869412610276403351645677928", "279036341044186781587576115787838548826" ], "threshold": 0.9 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bd04a149e3a29e7f71b7956ed41dba34e42d539e", "signature_type": "Line", "target": { "file": "fs/jfs/jfs_dmap.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2024-44938-984bdcf2" }, { "digest": { "length": 1427.0, "function_hash": "260316348763047871076059734828379743632" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bd04a149e3a29e7f71b7956ed41dba34e42d539e", "signature_type": "Function", "target": { "function": "dbDiscardAG", "file": "fs/jfs/jfs_dmap.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2024-44938-dae7ef5d" }, { "digest": { "length": 1427.0, "function_hash": "260316348763047871076059734828379743632" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4de2c04c3acd5b84f50b0d2f8f09e9b2f42374b9", "signature_type": "Function", "target": { "function": "dbDiscardAG", "file": "fs/jfs/jfs_dmap.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2024-44938-f1dcc1ca" } ] }