PT-2025-37663 · Linux+3 · Linux Kernel+3

Published: 2023-06-20 · Updated: 2026-04-14 · CVE-2023-53222

CVSS v3.1: 7.1 High

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

The Linux kernel contains a flaw in the jfs_dmap.c file, specifically within the dbMount() function at line 181. The db_l2nbperpage variable is not validated, which can lead to a shift out-of-bounds crash when mounting a filesystem. BLKTODMAP uses db_l2nbperpage as a shift count, so an excessively large value that has not been validated causes the crash. The maximum valid value for db_l2nbperpage is L2PSIZE - L2MINBLOCKSIZE.
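
The check the description calls for, as an added user-space sketch (not the kernel's code and not part of the original entry): the field read from the image is bounded by L2PSIZE - L2MINBLOCKSIZE before it is used as a shift count. The constant values 12 and 9, and the helper names `le32`, `load_l2nbperpage` and `mount_map`, are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed values (4096-byte page, 512-byte minimum block); the entry names
 * the constants but does not give their values. */
#define L2PSIZE         12
#define L2MINBLOCKSIZE  9
#define MAX_L2NBPERPAGE (L2PSIZE - L2MINBLOCKSIZE)

/* Decode a little-endian 32-bit field from raw image bytes. */
static uint32_t le32(const uint8_t b[4])
{
    return (uint32_t)b[0] | (uint32_t)b[1] << 8 |
           (uint32_t)b[2] << 16 | (uint32_t)b[3] << 24;
}

/* Hypothetical helper: validate the on-disk log2(blocks per page) before it
 * is ever used as a shift count. Returns 0 on success, -1 on a corrupt image. */
int load_l2nbperpage(const uint8_t field[4], unsigned *shift)
{
    uint32_t v = le32(field);

    if (v > MAX_L2NBPERPAGE)
        return -1;              /* reject: larger than any valid page/block ratio */
    *shift = v;
    return 0;
}

/* Hypothetical mount step: refuse the image unless the field validates,
 * then perform the page-to-block shift with a known-safe count. */
int mount_map(const uint8_t field[4], uint64_t pages, uint64_t *blocks)
{
    unsigned shift;

    if (load_l2nbperpage(field, &shift) != 0)
        return -1;
    *blocks = pages << shift;   /* shift is now in 0..MAX_L2NBPERPAGE */
    return 0;
}

int main(void)
{
    /* Constructed sample fields: a sane value (3) and a corrupt one (0x40). */
    const uint8_t good[4] = {3, 0, 0, 0}, bad[4] = {0x40, 0, 0, 0};
    uint64_t blocks = 0;

    printf("good: %d\n", mount_map(good, 5, &blocks));
    printf("bad:  %d\n", mount_map(bad, 5, &blocks));
    return 0;
}
```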

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Buffer Overflow

Out of bounds Read

Weakness Enumeration

Related Identifiers

BDU:2026-02264
CVE-2023-53222
SUSE-SU-2025:03600-1
SUSE-SU-2025:03615-1
SUSE-SU-2025:03628-1
SUSE-SU-2025:03634-1
SUSE-SU-2025:20851-1
SUSE-SU-2025:20861-1
SUSE-SU-2025:20870-1
SUSE-SU-2025:20898-1
SUSE-SU-2025:3716-1
SUSE-SU-2025:3751-1
SUSE-SU-2025:3761-1
SUSE-SU-2025:4057-1
SUSE-SU-2025:4132-1
SUSE-SU-2025:4141-1

Affected Products

Astra Linux
Linux Kernel
Red Os
Suse