PT-2023-9352 · Linux+3 · Linux Kernel+3

Syzbot

Published

2023-10-03

Updated

2025-02-03

CVE-2023-52810

CVSS v3.1

8.4

High

Vector

AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to an incorrect bitwise shift operation in the Linux kernel, specifically in the JFS file system. The problem occurs when the l2nbperpage value is negative, which can cause an error when used as a shift exponent. This can potentially allow an attacker to access confidential data, disrupt its integrity, and cause a denial of service. The vulnerability was reported by Syzbot, and the error is identified as a shift-out-of-bounds in the fs/jfs/jfs dmap.c file.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Out of bounds Read

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-1335CWE-125CWE-119

Related Identifiers

BDU:2024-06907

CVE-2023-52810

OESA-2024-1707

OESA-2024-1736

OESA-2024-1737

OPENSUSE-SU-2024_2189-1

SUSE-SU-2024:2008-1

SUSE-SU-2024:2011-1

SUSE-SU-2024:2019-1

SUSE-SU-2024:2189-1

SUSE-SU-2024:2190-1

SUSE-SU-2024:2571-1

SUSE-SU-2024:2896-1

SUSE-SU-2024:2973-1

SUSE-SU-2025:20008-1

SUSE-SU-2025:20028-1

Affected Products

Astra Linux

Linux Kernel

Red Os

Suse

PT-2023-9352 · Linux+3 · Linux Kernel+3

CVE-2023-52810

Weakness Enumeration

Related Identifiers

Affected Products

References · 2679