In the Linux kernel, the following vulnerability has been resolved:
jfs: Fix shift-out-of-bounds in dbDiscardAG
When searching for the next smaller log2 block, BLKSTOL2() returned 0,
causing shift exponent -1 to be negative.
This patch fixes the issue by exiting the loop directly when negative
shift is found.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 20.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws-5.15 | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-azure | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-azure | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-azure | < any | UNKNOWN |
git.kernel.org/linus/7063b80268e2593e58bee8a8d709c2f3ff93e2f2 (6.11-rc1)
git.kernel.org/stable/c/234e6ea0855cdb5673d54ecaf7dc5c78f3e84630
git.kernel.org/stable/c/7063b80268e2593e58bee8a8d709c2f3ff93e2f2
git.kernel.org/stable/c/f650148b43949ca9e37e820804bb6026fff404f3
launchpad.net/bugs/cve/CVE-2024-44938
nvd.nist.gov/vuln/detail/CVE-2024-44938
security-tracker.debian.org/tracker/CVE-2024-44938
www.cve.org/CVERecord?id=CVE-2024-44938