CVE-2023-52804

fs/jfs: Add validity check for db_maxag and db_agpref

Severity Score

5.3

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Add validity check for db_maxag and db_agpref Both db_maxag and db_agpref are used as the index of the
db_agfree array, but there is currently no validity check for
db_maxag and db_agpref, which can lead to errors. The following is related bug reported by Syzbot: UBSAN: array-index-out-of-bounds in fs/jfs/jfs_dmap.c:639:20
index 7936 is out of range for type 'atomic_t[128]' Add checking that the values of db_maxag and db_agpref are valid
indexes for the db_agfree array.

En el kernel de Linux, se resolvió la siguiente vulnerabilidad: fs/jfs: agregue verificación de validez para db_maxag y db_agpref. Tanto db_maxag como db_agpref se utilizan como índice de la matriz db_agfree, pero actualmente no hay verificación de validez para db_maxag y db_agpref, lo cual puede dar lugar a errores. El siguiente es un error relacionado reportado por Syzbot: UBSAN: array-index-out-of-bounds in fs/jfs/jfs_dmap.c:639:20 el índice 7936 está fuera de rango para el tipo 'atomic_t[128]' Agregue verificando que el Los valores de db_maxag y db_agpref son índices válidos para la matriz db_agfree.

In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Add validity check for db_maxag and db_agpref Both db_maxag and db_agpref are used as the index of the db_agfree array, but there is currently no validity check for db_maxag and db_agpref, which can lead to errors. The following is related bug reported by Syzbot: UBSAN: array-index-out-of-bounds in fs/jfs/jfs_dmap.c:639:20 index 7936 is out of range for type 'atomic_t[128]' Add checking that the values of db_maxag and db_agpref are valid indexes for the db_agfree array.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

Low

Attack Vector

Local

Attack Complexity

Low

Authentication

Single

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-05-21 CVE Reserved
2024-05-21 CVE Published
2024-12-19 CVE Updated
2025-03-30 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (9)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/a0649e2dd4a3595b5595a29d0064d047c2fae2fb	2023-11-28
https://git.kernel.org/stable/c/ce15b0f1a431168f07b1cc6c9f71206a2db5c809	2023-11-28
https://git.kernel.org/stable/c/32bd8f1cbcf8b663e29dd1f908ba3a129541a11b	2023-11-28
https://git.kernel.org/stable/c/c6c8863fb3f57700ab583d875adda04caaf2278a	2023-11-28
https://git.kernel.org/stable/c/1f74d336990f37703a8eee77153463d65b67f70e	2023-11-28
https://git.kernel.org/stable/c/5013f8269887642cca784adc8db9b5f0b771533f	2023-11-28
https://git.kernel.org/stable/c/dca403bb035a565bb98ecc1dda5d30f676feda40	2023-11-28
https://git.kernel.org/stable/c/2323de34a3ae61a9f9b544c18583f71cea86721f	2023-11-28
https://git.kernel.org/stable/c/64933ab7b04881c6c18b21ff206c12278341c72e	2023-10-03

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 4.14.331 Search vendor "Linux" for product "Linux Kernel" and version " < 4.14.331"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 4.19.300 Search vendor "Linux" for product "Linux Kernel" and version " < 4.19.300"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 5.4.262 Search vendor "Linux" for product "Linux Kernel" and version " < 5.4.262"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 5.10.202 Search vendor "Linux" for product "Linux Kernel" and version " < 5.10.202"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 5.15.140 Search vendor "Linux" for product "Linux Kernel" and version " < 5.15.140"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 6.1.64 Search vendor "Linux" for product "Linux Kernel" and version " < 6.1.64"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 6.5.13 Search vendor "Linux" for product "Linux Kernel" and version " < 6.5.13"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 6.6.3 Search vendor "Linux" for product "Linux Kernel" and version " < 6.6.3"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 6.7 Search vendor "Linux" for product "Linux Kernel" and version " < 6.7"		en		Affected