CVE-2022-50567: Out-of-bounds Read in Linux

CWE-125: Out-of-bounds Read
6 documents, 5 sources
Severity: 7.5 HIGH (No vector)
EPSS: 0.1% (top 80.97%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Oct 22

Description

In the Linux kernel, the following vulnerability has been resolved:

fs: jfs: fix shift-out-of-bounds in dbAllocAG

Syzbot found a crash: UBSAN: shift-out-of-bounds in dbAllocAG. The underlying bug is the missing check of bmp->db_agl2size. The field can be greater than 64 and trigger the shift-out-of-bounds.

Fix this bug by adding a check of bmp->db_agl2size in dbMount since this field is used in many following functions. The upper bound for this field is L2MAXL2SIZE - L2MAXAG, thanks for the

Affected Packages (4 packages)

Linux: linux/linux_kernel, 2.6.12, 4.9.337 (+7)
Debian: linux/linux_kernel, < 5.10.178-1 (+3)
CVEListV5: linux/linux, 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, d3b486946a4e62c7ef6023f7d9c1d049051384ba (+9)
debian: debian/linux, < linux 6.1.4-1 (bookworm)

Vulnerability Details (3)

OSV (2025-10-22): fs: jfs: fix shift-out-of-bounds in dbAllocAG
GHSA (2025-10-22): GHSA-f88f-286j-xf6g: In the Linux kernel, the following vulnerability has been resolved: fs: jfs: fix shift-out-of-bounds in dbAllocAG Syzbot found a crash: UBSAN: shif
OSV (2025-10-22): CVE-2022-50567: In the Linux kernel, the following vulnerability has been resolved: fs: jfs: fix shift-out-of-bounds in dbAllocAG Syzbot found a crash: UBSAN: shift-

Vendor Advisories (2)

Red Hat (2025-10-22): kernel: fs: jfs: fix shift-out-of-bounds in dbAllocAG
Debian (2022): CVE-2022-50567: linux - In the Linux kernel, the following vulnerability has been resolved: fs: jfs: fi...