CVE-2022-50567

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw within the JFS filesystem implementation. A shift-out-of-bounds condition exists in the dbAllocAG function due to a missing check on the bmp->db agl2size field. This field, if greater than 64, can trigger the issue. The fix involves adding a check for bmp->db agl2size within the dbMount function, as this field is utilized in multiple subsequent functions. The upper bound for this field is L2MAXL2SIZE - L2MAXAG. The error handling code within dbMount was also reorganized as part of the fix.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.