PT-2024-14647 · Linux+6 · Linux Kernel+6

Published 2023-11-21 · Updated 2025-09-29 · CVE-2023-52604

CVSS v3.1: 7.8 High

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 6.6.0-rc3-syzkaller

Description

The issue occurs when the value of lp becomes greater than CTLTREESIZE, which is the maximum size of stree. This results in an array-index-out-of-bounds error in the dbAdjTree function. The vulnerability was reported by Syzkaller and is identified by the error message "UBSAN: array-index-out-of-bounds in fs/jfs/jfs_dmap.c:2867:6 index 196694 is out of range for type 's8[1365]' (aka 'signed char[1365]')".

Recommendations

To resolve the issue, update the Linux kernel to a version that includes the patch for this vulnerability. If updating is not possible, consider adding a simple check to prevent the value of lp from exceeding CTLTREESIZE. As a temporary workaround, consider using WARN_ON_ONCE for lack of a cleaner option, as modified by Dave in Osama's patch.
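The recommended bounds check, shown as an added user-space model (not the kernel's code and not the upstream patch). The names model_tree, model_adj_tree, model_demo, leafidx and height and the 4-ary tree layout are assumptions made for illustration; only lp, stree, CTLTREESIZE, the 1365 size and the index 196694 come from the description above.

```c
#include <errno.h>
#include <stdint.h>

#define CTLTREESIZE 1365   /* size of stree, from the UBSAN type s8[1365] */

/* Hypothetical, simplified stand-in for the on-disk tree header. */
struct model_tree {
    int32_t leafidx;       /* index of the first leaf; read from disk, untrusted */
    int32_t height;        /* levels between the leaves and the root */
    int8_t  stree[CTLTREESIZE];
};

static int8_t max4(const int8_t *g)
{
    int8_t m = g[0];
    for (int i = 1; i < 4; i++)
        if (g[i] > m) m = g[i];
    return m;
}

/* Returns 0 on success, -EIO when the leaf index falls outside stree. */
int model_adj_tree(struct model_tree *tp, int leafno, int8_t newval)
{
    int64_t lp = (int64_t)leafno + tp->leafidx;  /* widened: the sum cannot wrap */

    if (lp < 0 || lp >= CTLTREESIZE)             /* the check the advisory recommends */
        return -EIO;
    if (tp->stree[lp] == newval)
        return 0;
    tp->stree[lp] = newval;
    /* Bubble the maximum up; "lp > 0" also stops an oversized height at the root. */
    for (int k = 0; k < tp->height && lp > 0; k++) {
        int64_t first = ((lp - 1) & ~(int64_t)3) + 1;  /* first of 4 siblings */
        int64_t pp = (lp - 1) >> 2;                    /* their parent */
        tp->stree[pp] = max4(&tp->stree[first]);
        lp = pp;
    }
    return 0;
}

/* Constructed input: zeroed tree with height 5. Returns the root value or -EIO. */
int model_demo(int32_t leafidx, int leafno)
{
    struct model_tree t = { .leafidx = leafidx, .height = 5 };
    int rc = model_adj_tree(&t, leafno, 5);
    return rc ? rc : t.stree[0];
}
```

With the first leaf at index 341, leaf numbers 0 through 1023 are accepted; a leaf index of 196694, as in the UBSAN report, is rejected before stree is touched.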

Weakness Enumeration

Improper Validation of Array Index

Related Identifiers

ALSA-2025_16880
ALT-PU-2024-3457
BDU:2025-07478
CVE-2023-52604
DLA-3840-1
DLA-3842-1
DSA-5658-1
DSA-5681-1
OESA-2024-1344
OESA-2024-1345
OESA-2024-1346
OESA-2024-1347
OESA-2024-1348
OESA-2024-1349
OPENSUSE-SU-2024_1322-1
OPENSUSE-SU-2024_1322-2
OPENSUSE-SU-2024_1332-1
OPENSUSE-SU-2024_1332-2
OPENSUSE-SU-2024_1466-1
OPENSUSE-SU-2024_1480-1
OPENSUSE-SU-2024_1490-1
SUSE-SU-2024:1466-1
SUSE-SU-2024:1480-1
SUSE-SU-2024:1490-1
USN-6688-1
USN-6765-1
USN-6766-1
USN-6766-2
USN-6766-3
USN-6767-1
USN-6767-2
USN-6774-1
USN-6777-1
USN-6777-2
USN-6777-3
USN-6777-4
USN-6778-1
USN-6795-1
USN-6828-1

Affected Products

Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu