DEBIAN-CVE-2022-50567

In the Linux kernel, the following vulnerability has been resolved: fs: jfs: fix shift-out-of-bounds in dbAllocAG Syzbot found a crash : UBSAN: shift-out-of-bounds in dbAllocAG. The underlying bug is the missing check of bmp-dbagl2size. The field can be greater than 64 and trigger the...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-381976)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-381976 advisory. In the Linux kernel, the following vulnerability has been resolved: jfs: fix out-of-bounds in dbNextAG and diAlloc In dbNextAG , there is no check for the case where...

SUSE CVE-2025-38230

In the Linux kernel, the following vulnerability has been resolved: jfs: validate AG parameters in dbMount to prevent crashes Validate dbagheight, dbagwidth, and dbagstart in dbMount to catch corrupted metadata early and avoid undefined behavior in dbAllocAG. Limits are derived from L2LPERCTL,...

SUSE CVE-2025-37740

In the Linux kernel, the following vulnerability has been resolved: jfs: add sanity check for agwidth in dbMount The width in dmapctl of the AG is zero, it trigger a divide error when calculating the control page level in dbAllocAG. To avoid this issue, add a check for agwidth in dbAllocAG...

UBUNTU-CVE-2024-47723

In the Linux kernel, the following vulnerability has been resolved: jfs: fix out-of-bounds in dbNextAG and diAlloc In dbNextAG , there is no check for the case where bmp-dbnumag is greater or same than MAXAG due to a polluted image, which causes an out-of-bounds. Therefore, a bounds check should ...