CVE-2023-52810

In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Add check for negative db_l2nbperpage l2nbperpage is log2(number of blks per page), and the minimum legal value should be 0, not negative. In the case of l2nbperpage being negative, an error will occur when subsequently used as shift exponent. Syzbot reported this bug: UBSAN: shift-out-of-bounds in fs/jfs/jfs_dmap.c:799:12 shift exponent -16777216 is negative

CVSS v3 8.4 HIGH

8.4^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.5 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/0cb567e727339a192f9fd0db00781d73a91d15a6	Patch
https://git.kernel.org/stable/c/1a7c53fdea1d189087544d9a606d249e93c4934b	Patch
https://git.kernel.org/stable/c/491085258185ffc4fb91555b0dba895fe7656a45	Patch
https://git.kernel.org/stable/c/524b4f203afcf87accfe387e846f33f916f0c907	Patch
https://git.kernel.org/stable/c/525b861a008143048535011f3816d407940f4bfa	Patch
https://git.kernel.org/stable/c/5f148b16972e5f4592629b244d5109b15135f53f	Patch
https://git.kernel.org/stable/c/8f2964df6bfce9d92d81ca552010b8677af8d9dc	Patch
https://git.kernel.org/stable/c/a81a56b4cbe3142cc99f6b98e8f9b3a631c768e1	Patch
https://git.kernel.org/stable/c/cc61fcf7d1c99f148fe8ddfb5c6ed0bb75861f01	Patch
https://git.kernel.org/stable/c/0cb567e727339a192f9fd0db00781d73a91d15a6	Patch
https://git.kernel.org/stable/c/1a7c53fdea1d189087544d9a606d249e93c4934b	Patch
https://git.kernel.org/stable/c/491085258185ffc4fb91555b0dba895fe7656a45	Patch
https://git.kernel.org/stable/c/524b4f203afcf87accfe387e846f33f916f0c907	Patch
https://git.kernel.org/stable/c/525b861a008143048535011f3816d407940f4bfa	Patch
https://git.kernel.org/stable/c/5f148b16972e5f4592629b244d5109b15135f53f	Patch
https://git.kernel.org/stable/c/8f2964df6bfce9d92d81ca552010b8677af8d9dc	Patch
https://git.kernel.org/stable/c/a81a56b4cbe3142cc99f6b98e8f9b3a631c768e1	Patch
https://git.kernel.org/stable/c/cc61fcf7d1c99f148fe8ddfb5c6ed0bb75861f01	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

History

02 Apr 2025, 15:02

Type	Values Removed	Values Added
CPE		cpe:2.3:o:linux:linux_kernel::::::::
References	~~() https://git.kernel.org/stable/c/0cb567e727339a192f9fd0db00781d73a91d15a6 -~~	() https://git.kernel.org/stable/c/0cb567e727339a192f9fd0db00781d73a91d15a6 - Patch
References	~~() https://git.kernel.org/stable/c/1a7c53fdea1d189087544d9a606d249e93c4934b -~~	() https://git.kernel.org/stable/c/1a7c53fdea1d189087544d9a606d249e93c4934b - Patch
References	~~() https://git.kernel.org/stable/c/491085258185ffc4fb91555b0dba895fe7656a45 -~~	() https://git.kernel.org/stable/c/491085258185ffc4fb91555b0dba895fe7656a45 - Patch
References	~~() https://git.kernel.org/stable/c/524b4f203afcf87accfe387e846f33f916f0c907 -~~	() https://git.kernel.org/stable/c/524b4f203afcf87accfe387e846f33f916f0c907 - Patch
References	~~() https://git.kernel.org/stable/c/525b861a008143048535011f3816d407940f4bfa -~~	() https://git.kernel.org/stable/c/525b861a008143048535011f3816d407940f4bfa - Patch
References	~~() https://git.kernel.org/stable/c/5f148b16972e5f4592629b244d5109b15135f53f -~~	() https://git.kernel.org/stable/c/5f148b16972e5f4592629b244d5109b15135f53f - Patch
References	~~() https://git.kernel.org/stable/c/8f2964df6bfce9d92d81ca552010b8677af8d9dc -~~	() https://git.kernel.org/stable/c/8f2964df6bfce9d92d81ca552010b8677af8d9dc - Patch
References	~~() https://git.kernel.org/stable/c/a81a56b4cbe3142cc99f6b98e8f9b3a631c768e1 -~~	() https://git.kernel.org/stable/c/a81a56b4cbe3142cc99f6b98e8f9b3a631c768e1 - Patch
References	~~() https://git.kernel.org/stable/c/cc61fcf7d1c99f148fe8ddfb5c6ed0bb75861f01 -~~	() https://git.kernel.org/stable/c/cc61fcf7d1c99f148fe8ddfb5c6ed0bb75861f01 - Patch
First Time		Linux Linux linux Kernel

21 Nov 2024, 08:40

Type	Values Removed	Values Added
References	~~() https://git.kernel.org/stable/c/0cb567e727339a192f9fd0db00781d73a91d15a6 -~~	() https://git.kernel.org/stable/c/0cb567e727339a192f9fd0db00781d73a91d15a6 -
References	~~() https://git.kernel.org/stable/c/1a7c53fdea1d189087544d9a606d249e93c4934b -~~	() https://git.kernel.org/stable/c/1a7c53fdea1d189087544d9a606d249e93c4934b -
References	~~() https://git.kernel.org/stable/c/491085258185ffc4fb91555b0dba895fe7656a45 -~~	() https://git.kernel.org/stable/c/491085258185ffc4fb91555b0dba895fe7656a45 -
References	~~() https://git.kernel.org/stable/c/524b4f203afcf87accfe387e846f33f916f0c907 -~~	() https://git.kernel.org/stable/c/524b4f203afcf87accfe387e846f33f916f0c907 -
References	~~() https://git.kernel.org/stable/c/525b861a008143048535011f3816d407940f4bfa -~~	() https://git.kernel.org/stable/c/525b861a008143048535011f3816d407940f4bfa -
References	~~() https://git.kernel.org/stable/c/5f148b16972e5f4592629b244d5109b15135f53f -~~	() https://git.kernel.org/stable/c/5f148b16972e5f4592629b244d5109b15135f53f -
References	~~() https://git.kernel.org/stable/c/8f2964df6bfce9d92d81ca552010b8677af8d9dc -~~	() https://git.kernel.org/stable/c/8f2964df6bfce9d92d81ca552010b8677af8d9dc -
References	~~() https://git.kernel.org/stable/c/a81a56b4cbe3142cc99f6b98e8f9b3a631c768e1 -~~	() https://git.kernel.org/stable/c/a81a56b4cbe3142cc99f6b98e8f9b3a631c768e1 -
References	~~() https://git.kernel.org/stable/c/cc61fcf7d1c99f148fe8ddfb5c6ed0bb75861f01 -~~	() https://git.kernel.org/stable/c/cc61fcf7d1c99f148fe8ddfb5c6ed0bb75861f01 -

03 Jul 2024, 01:44

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 8.4
Summary		(es) En el kernel de Linux, se resolvió la siguiente vulnerabilidad: fs/jfs: agregue verificación para db_l2nbperpage negativo, l2nbperpage es log2 (número de bloques por página) y el valor mínimo legal debe ser 0, no negativo. En el caso de que l2nbperpage sea negativo, se producirá un error cuando se utilice posteriormente como exponente de desplazamiento. Syzbot informó este error: UBSAN: desplazamiento fuera de los límites en fs/jfs/jfs_dmap.c:799:12 el exponente de desplazamiento -16777216 es negativo
CWE		CWE-1335

21 May 2024, 16:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-05-21 16:15

Updated : 2025-04-02 15:02

NVD link : CVE-2023-52810

Mitre link : CVE-2023-52810

CVE.ORG link : CVE-2023-52810

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-1335

{"id": "CVE-2023-52810", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.4, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.5}]}, "published": "2024-05-21T16:15:19.270", "references": [{"url": "https://git.kernel.org/stable/c/0cb567e727339a192f9fd0db00781d73a91d15a6", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/1a7c53fdea1d189087544d9a606d249e93c4934b", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/491085258185ffc4fb91555b0dba895fe7656a45", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/524b4f203afcf87accfe387e846f33f916f0c907", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/525b861a008143048535011f3816d407940f4bfa", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/5f148b16972e5f4592629b244d5109b15135f53f", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/8f2964df6bfce9d92d81ca552010b8677af8d9dc", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/a81a56b4cbe3142cc99f6b98e8f9b3a631c768e1", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/cc61fcf7d1c99f148fe8ddfb5c6ed0bb75861f01", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/0cb567e727339a192f9fd0db00781d73a91d15a6", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/1a7c53fdea1d189087544d9a606d249e93c4934b", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/491085258185ffc4fb91555b0dba895fe7656a45", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/524b4f203afcf87accfe387e846f33f916f0c907", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/525b861a008143048535011f3816d407940f4bfa", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/5f148b16972e5f4592629b244d5109b15135f53f", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/8f2964df6bfce9d92d81ca552010b8677af8d9dc", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/a81a56b4cbe3142cc99f6b98e8f9b3a631c768e1", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/cc61fcf7d1c99f148fe8ddfb5c6ed0bb75861f01", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-1335"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/jfs: Add check for negative db_l2nbperpage\n\nl2nbperpage is log2(number of blks per page), and the minimum legal\nvalue should be 0, not negative.\n\nIn the case of l2nbperpage being negative, an error will occur\nwhen subsequently used as shift exponent.\n\nSyzbot reported this bug:\n\nUBSAN: shift-out-of-bounds in fs/jfs/jfs_dmap.c:799:12\nshift exponent -16777216 is negative"}, {"lang": "es", "value": " En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: fs/jfs: agregue verificaci\u00f3n para db_l2nbperpage negativo, l2nbperpage es log2 (n\u00famero de bloques por p\u00e1gina) y el valor m\u00ednimo legal debe ser 0, no negativo. En el caso de que l2nbperpage sea negativo, se producir\u00e1 un error cuando se utilice posteriormente como exponente de desplazamiento. Syzbot inform\u00f3 este error: UBSAN: desplazamiento fuera de los l\u00edmites en fs/jfs/jfs_dmap.c:799:12 el exponente de desplazamiento -16777216 es negativo"}], "lastModified": "2025-04-02T15:02:08.620", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6F120ED7-3012-4856-9F08-B433BC310335", "versionEndExcluding": "4.14.331"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C99DDB75-1CAC-40D0-A14D-67A2A55D6005", "versionEndExcluding": "4.19.300", "versionStartIncluding": "4.15"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "28B0AAED-45BA-4928-9A85-66A429B9F038", "versionEndExcluding": "5.4.262", "versionStartIncluding": "4.20"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39D508B4-58C7-40C2-BE05-44E41110EB98", "versionEndExcluding": "5.10.202", "versionStartIncluding": "5.5"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "15D6C23C-78A3-40D2-B76B-4F1D9C2D95C0", "versionEndExcluding": "5.15.140", "versionStartIncluding": "5.11"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8D7C884A-CAA2-4EA2-9FEB-5CE776D7B05F", "versionEndExcluding": "6.1.64", "versionStartIncluding": "5.16"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "674C4F82-C336-4B49-BF64-1DE422E889C4", "versionEndExcluding": "6.5.13", "versionStartIncluding": "6.2"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B58252FA-A49C-411F-9B28-DC5FE44BC5A0", "versionEndExcluding": "6.6.3", "versionStartIncluding": "6.6"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}

8.4 /10