{ "containers": { "cna": { "providerMetadata": { "orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038" }, "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: fix out-of-bounds in dbNextAG() and diAlloc()\n\nIn dbNextAG() , there is no check for the case where bmp->db_numag is\ngreater or same than MAXAG due to a polluted image, which causes an\nout-of-bounds. Therefore, a bounds check should be added in dbMount().\n\nAnd in dbNextAG(), a check for the case where agpref is greater than\nbmp->db_numag should be added, so an out-of-bounds exception should be\nprevented.\n\nAdditionally, a check for the case where agno is greater or same than\nMAXAG should be added in diAlloc() to prevent out-of-bounds." } ], "affected": [ { "product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": [ "fs/jfs/jfs_dmap.c", "fs/jfs/jfs_imap.c" ], "versions": [ { "version": "1da177e4c3f4", "lessThan": "0338e66cba27", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "ead825332785", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "6ce8b6ab44a8", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "c1ba4b8ca799", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "128d5cfdcf84", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "96855f40e152", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "e63866a47556", "status": "affected", "versionType": "git" } ] }, { "product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": [ "fs/jfs/jfs_dmap.c", "fs/jfs/jfs_imap.c" ], "versions": [ { "version": "2.6.12", "status": "affected" }, { "version": "0", "lessThan": "2.6.12", "status": "unaffected", "versionType": "custom" }, { "version": "5.10.227", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "custom" }, { "version": "5.15.168", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "custom" }, { "version": "6.1.113", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "custom" }, { "version": "6.6.54", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "custom" }, { "version": "6.10.13", "lessThanOrEqual": "6.10.*", "status": "unaffected", "versionType": "custom" }, { "version": "6.11.2", "lessThanOrEqual": "6.11.*", "status": "unaffected", "versionType": "custom" }, { "version": "6.12-rc1", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix" } ] } ], "references": [ { "url": "https://git.kernel.org/stable/c/0338e66cba272351ca9d7d03f3628e390e70963b" }, { "url": "https://git.kernel.org/stable/c/ead82533278502428883085a787d5a00f15e5eb9" }, { "url": "https://git.kernel.org/stable/c/6ce8b6ab44a8b5918c0ee373d4ad19d19017931b" }, { "url": "https://git.kernel.org/stable/c/c1ba4b8ca799ff1d99d01f37d7ccb7d5ba5533d2" }, { "url": "https://git.kernel.org/stable/c/128d5cfdcf844cb690c9295a3a1c1114c21fc15a" }, { "url": "https://git.kernel.org/stable/c/96855f40e152989c9e7c20c4691ace5581098acc" }, { "url": "https://git.kernel.org/stable/c/e63866a475562810500ea7f784099bfe341e761a" } ], "title": "jfs: fix out-of-bounds in dbNextAG() and diAlloc()", "x_generator": { "engine": "bippy-c9c4e1df01b2" } } }, "cveMetadata": { "assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038", "cveID": "CVE-2024-47723", "requesterUserId": "gregkh@kernel.org", "serial": "1", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.0" }