CVE-2024-44938

Summary

In the Linux kernel, the following vulnerability has been resolved:

jfs: Fix shift-out-of-bounds in dbDiscardAG

When searching for the next smaller log2 block, BLKSTOL2() returned 0, causing shift exponent -1 to be negative.

This patch fixes the issue by exiting the loop directly when negative shift is found.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxb40c2e665cd552eae5fbdbb878bc29a34357668e < bb7c605a754823b86dd74f6537ccb9d38a9dec5aaffected
LinuxLinuxb40c2e665cd552eae5fbdbb878bc29a34357668e < 4de2c04c3acd5b84f50b0d2f8f09e9b2f42374b9affected
LinuxLinuxb40c2e665cd552eae5fbdbb878bc29a34357668e < bd04a149e3a29e7f71b7956ed41dba34e42d539eaffected
LinuxLinuxb40c2e665cd552eae5fbdbb878bc29a34357668e < f650148b43949ca9e37e820804bb6026fff404f3affected
LinuxLinuxb40c2e665cd552eae5fbdbb878bc29a34357668e < 234e6ea0855cdb5673d54ecaf7dc5c78f3e84630affected
LinuxLinuxb40c2e665cd552eae5fbdbb878bc29a34357668e < 7063b80268e2593e58bee8a8d709c2f3ff93e2f2affected
LinuxLinux3.7affected
LinuxLinux0 < 3.7unaffected
LinuxLinux5.10.237 <= 5.10.*unaffected
LinuxLinux5.15.181 <= 5.15.*unaffected
LinuxLinux6.1.107 <= 6.1.*unaffected
LinuxLinux6.6.47 <= 6.6.*unaffected
LinuxLinux6.10.6 <= 6.10.*unaffected
LinuxLinux6.11 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References