PT-2024-14644 · Linux+6 · Linux Kernel+6

Syzbot

·

Published

2024-01-02

·

Updated

2025-09-29

·

CVE-2023-52599

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.7.0
Description The issue is related to an array-index-out-of-bounds error in the diNewExt function in the JFS file system. When the agstart value is too large, it can cause an agno overflow. This error is detected by the UBSAN (Undefined Behavior Sanitizer) tool. The error occurs in the fs/jfs/jfs imap.c file at line 2360. The fix involves checking the validity of the agno value after it is obtained and exiting the subsequent process if the value is invalid.
Recommendations To resolve this issue, update the Linux kernel to a version that includes the fix for the array-index-out-of-bounds error in the diNewExt function. As a temporary workaround, consider disabling the jfs file system until a patched version of the kernel is available.

Exploit

Fix

Improper Validation of Array Index

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-129

Related Identifiers

ALSA-2025_16880
ALT-PU-2024-3457
BDU:2025-07475
CVE-2023-52599
DLA-3840-1
DLA-3842-1
DSA-5658-1
DSA-5681-1
OESA-2024-1353
OESA-2024-1355
OESA-2024-1356
OESA-2024-1357
OESA-2024-1392
OESA-2024-1393
OPENSUSE-SU-2024_1322-1
OPENSUSE-SU-2024_1322-2
OPENSUSE-SU-2024_1332-1
OPENSUSE-SU-2024_1332-2
OPENSUSE-SU-2024_1466-1
OPENSUSE-SU-2024_1480-1
OPENSUSE-SU-2024_1490-1
SUSE-SU-2024:1466-1
SUSE-SU-2024:1480-1
SUSE-SU-2024:1490-1
USN-6688-1
USN-6765-1
USN-6766-1
USN-6766-2
USN-6766-3
USN-6767-1
USN-6767-2
USN-6795-1
USN-6818-1
USN-6818-2
USN-6818-3
USN-6818-4
USN-6819-1
USN-6819-2
USN-6819-3
USN-6819-4
USN-6828-1
USN-7121-1
USN-7121-2
USN-7121-3
USN-7148-1

Affected Products

Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu