CVE-2024-47723

Summary

In the Linux kernel, the following vulnerability has been resolved:

jfs: fix out-of-bounds in dbNextAG() and diAlloc()

In dbNextAG() , there is no check for the case where bmp->db_numag is greater or same than MAXAG due to a polluted image, which causes an out-of-bounds. Therefore, a bounds check should be added in dbMount().

And in dbNextAG(), a check for the case where agpref is greater than bmp->db_numag should be added, so an out-of-bounds exception should be prevented.

Additionally, a check for the case where agno is greater or same than MAXAG should be added in diAlloc() to prevent out-of-bounds.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < d1017d2a0f3f16dc1db5120e7ddbe7c6680425b0affected
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 5ad6284c8d433f8a213111c5c44ead4d9705b622affected
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 0338e66cba272351ca9d7d03f3628e390e70963baffected
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < ead82533278502428883085a787d5a00f15e5eb9affected
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 6ce8b6ab44a8b5918c0ee373d4ad19d19017931baffected
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < c1ba4b8ca799ff1d99d01f37d7ccb7d5ba5533d2affected
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 128d5cfdcf844cb690c9295a3a1c1114c21fc15aaffected
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 96855f40e152989c9e7c20c4691ace5581098accaffected
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < e63866a475562810500ea7f784099bfe341e761aaffected
LinuxLinux2.6.12affected
LinuxLinux0 < 2.6.12unaffected
LinuxLinux4.19.323 <= 4.19.*unaffected
LinuxLinux5.4.285 <= 5.4.*unaffected
LinuxLinux5.10.227 <= 5.10.*unaffected
LinuxLinux5.15.168 <= 5.15.*unaffected
LinuxLinux6.1.113 <= 6.1.*unaffected
LinuxLinux6.6.54 <= 6.6.*unaffected
LinuxLinux6.10.13 <= 6.10.*unaffected
LinuxLinux6.11.2 <= 6.11.*unaffected
LinuxLinux6.12 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

Additional References

References