SB20240531209 - Out-of-bounds read in Linux kernel jfs

Description

This security bulletin contains information about 1 security vulnerability.

1) Out-of-bounds read (CVE-ID: CVE-2023-52810)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the dbMount() function in fs/jfs/jfs_dmap.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

• https://git.kernel.org/stable/c/cc61fcf7d1c99f148fe8ddfb5c6ed0bb75861f01
• https://git.kernel.org/stable/c/8f2964df6bfce9d92d81ca552010b8677af8d9dc
• https://git.kernel.org/stable/c/a81a56b4cbe3142cc99f6b98e8f9b3a631c768e1
• https://git.kernel.org/stable/c/524b4f203afcf87accfe387e846f33f916f0c907
• https://git.kernel.org/stable/c/5f148b16972e5f4592629b244d5109b15135f53f
• https://git.kernel.org/stable/c/0cb567e727339a192f9fd0db00781d73a91d15a6
• https://git.kernel.org/stable/c/491085258185ffc4fb91555b0dba895fe7656a45
• https://git.kernel.org/stable/c/1a7c53fdea1d189087544d9a606d249e93c4934b
• https://git.kernel.org/stable/c/525b861a008143048535011f3816d407940f4bfa
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.331
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.300
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.202
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.140
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.262
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.64
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5.13
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.3
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.7