Lucene search

K
debiancveDebian Security Bug TrackerDEBIANCVE:CVE-2023-52804
HistoryMay 21, 2024 - 4:15 p.m.

CVE-2023-52804

2024-05-2116:15:18
Debian Security Bug Tracker
security-tracker.debian.org
3
linux kernel
fs/jfs
vulnerability
validity check
array index

6.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.1%

In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Add validity check for db_maxag and db_agpref Both db_maxag and db_agpref are used as the index of the db_agfree array, but there is currently no validity check for db_maxag and db_agpref, which can lead to errors. The following is related bug reported by Syzbot: UBSAN: array-index-out-of-bounds in fs/jfs/jfs_dmap.c:639:20 index 7936 is out of range for type ‘atomic_t[128]’ Add checking that the values of db_maxag and db_agpref are valid indexes for the db_agfree array.

6.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.1%

Related for DEBIANCVE:CVE-2023-52804