PT-2023-9352 · Linux+3 · Linux Kernel+3

Syzbot

Publicado

2023-10-03

Atualizado

2025-02-03

CVE-2023-52810

CVSS v3.1

8.4

Alta

Vetor

AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to an incorrect bitwise shift operation in the Linux kernel, specifically in the JFS file system. The problem occurs when the l2nbperpage value is negative, which can cause an error when used as a shift exponent. This can potentially allow an attacker to access confidential data, disrupt its integrity, and cause a denial of service. The vulnerability was reported by Syzbot, and the error is identified as a shift-out-of-bounds in the fs/jfs/jfs dmap.c file.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Out of bounds Read

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-1335CWE-125CWE-119

Identificadores relacionados

BDU:2024-06907

CVE-2023-52810

OESA-2024-1707

OESA-2024-1736

OESA-2024-1737

OPENSUSE-SU-2024_2189-1

SUSE-SU-2024:2008-1

SUSE-SU-2024:2011-1

SUSE-SU-2024:2019-1

SUSE-SU-2024:2189-1

SUSE-SU-2024:2190-1

SUSE-SU-2024:2571-1

SUSE-SU-2024:2896-1

SUSE-SU-2024:2973-1

SUSE-SU-2025:20008-1

SUSE-SU-2025:20028-1

Produtos afetados

Astra Linux

Linux Kernel

Red Os

Suse

PT-2023-9352 · Linux+3 · Linux Kernel+3

CVE-2023-52810

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 2679