HIGH🇬🇧 English

CVE-2023-52810

CVSS 8.4v3.1pub. 2024-05-21upd. 2025-04-02

In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Add check for negative db_l2nbperpage l2nbperpage is log2(number of blks per page), and the minimum legal value should be 0, not negative. In the case of l2nbperpage being negative, an error will occur when subsequently used as shift exponent. Syzbot reported this bug: UBSAN: shift-out-of-bounds in fs/jfs/jfs_dmap.c:799:12 shift exponent -16777216 is negative

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Linux Kernel

    OS
    Linux
    < 4.14.3314.15 – 4.19.300 (bez)4.20 – 5.4.262 (bez)5.5 – 5.10.202 (bez)5.11 – 5.15.140 (bez)5.16 – 6.1.64 (bez)6.2 – 6.5.13 (bez)6.6 – 6.6.3 (bez)
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Memory
CWE
Referencje

Powiązane podatności

CVE-2025-10585CRITICAL9.8⚠ KEVPL ✓ten sam produkt

Type confusion w V8 (Google Chrome) — zdalne uszkodzenie sterty

CVE-2025-34028CRITICAL9.3⚠ KEVPL ✓ten sam produkt

Commvault Command Center – nieuwierzytelniony RCE przez path traversal w ZIP

CVE-2022-47986CRITICAL9.8⚠ KEVten sam produkt

IBM Aspera Faspex 4.4.2 Patch Level 1 and earlier could allow a remote attacker to execute arbitrary code on t...

CVE-2022-22954CRITICAL9.8⚠ KEVten sam produkt

VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-s...

CVE-2020-4006CRITICAL9.1⚠ KEVten sam produkt

VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address have a...