CVE-2022-50333

Summary

In the Linux kernel, the following vulnerability has been resolved:

fs: jfs: fix shift-out-of-bounds in dbDiscardAG

This should be applied to most URSAN bugs found recently by syzbot, by guarding the dbMount. As syzbot feeding rubbish into the bmap descriptor.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxb40c2e665cd552eae5fbdbb878bc29a34357668e < f8d4d0bac603616e2fa4a3907e81ed13f8f3c380affected
LinuxLinuxb40c2e665cd552eae5fbdbb878bc29a34357668e < 0183c8f46ab5bcd0740f41c87f5141c6ca2bf1bbaffected
LinuxLinuxb40c2e665cd552eae5fbdbb878bc29a34357668e < 624843f1bac448150f6859999c72c4841c14a2e3affected
LinuxLinuxb40c2e665cd552eae5fbdbb878bc29a34357668e < 50163a115831ef4e6402db5a7ef487d1989d7249affected
LinuxLinuxb40c2e665cd552eae5fbdbb878bc29a34357668e < 911999b193735cd378517b6cd5fe585ee345d49caffected
LinuxLinuxb40c2e665cd552eae5fbdbb878bc29a34357668e < 10b87da8fae79c7daf5eda6a9e4f1d31b85b4d92affected
LinuxLinuxb40c2e665cd552eae5fbdbb878bc29a34357668e < ab5cd3d62c2493eca3337e7d0178cc7bd819ca64affected
LinuxLinuxb40c2e665cd552eae5fbdbb878bc29a34357668e < 3d340b684dcec5e34efc470227cd1c7d2df121adaffected
LinuxLinuxb40c2e665cd552eae5fbdbb878bc29a34357668e < 25e70c6162f207828dd405b432d8f2a98dbf7082affected
LinuxLinux3.7affected
LinuxLinux0 < 3.7unaffected
LinuxLinux4.9.337 <= 4.9.*unaffected
LinuxLinux4.14.303 <= 4.14.*unaffected
LinuxLinux4.19.270 <= 4.19.*unaffected
LinuxLinux5.4.229 <= 5.4.*unaffected
LinuxLinux5.10.163 <= 5.10.*unaffected
LinuxLinux5.15.86 <= 5.15.*unaffected
LinuxLinux6.0.16 <= 6.0.*unaffected
LinuxLinux6.1.2 <= 6.1.*unaffected
LinuxLinux6.2 <= *unaffected

Weaknesses

References