๐Ÿ” CVE Alert

CVE-2023-53222

HIGH 7.1

jfs: jfs_dmap: Validate db_l2nbperpage while mounting

CVSS Score
7.1
EPSS Score
0.0%
EPSS Percentile
0th

In the Linux kernel, the following vulnerability has been resolved: jfs: jfs_dmap: Validate db_l2nbperpage while mounting In jfs_dmap.c at line 381, BLKTODMAP is used to get a logical block number inside dbFree(). db_l2nbperpage, which is the log2 number of blocks per page, is passed as an argument to BLKTODMAP which uses it for shifting. Syzbot reported a shift out-of-bounds crash because db_l2nbperpage is too big. This happens because the large value is set without any validation in dbMount() at line 181. Thus, make sure that db_l2nbperpage is correct while mounting. Max number of blocks per page = Page size / Min block size => log2(Max num_block per page) = log2(Page size / Min block size) = log2(Page size) - log2(Min block size) => Max db_l2nbperpage = L2PSIZE - L2MINBLOCKSIZE

Vendor linux
Product linux
Ecosystems
Industries
Technology
Published Sep 15, 2025
Last Updated May 11, 2026
Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new high vulnerabilities affecting linux linux are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

Linux / Linux
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 8c1efe3f74a7864461b0dff281c5562154b4aa8e 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < ef5c205b6e6f8d1f18ef0b4a9832b1b5fa85f7f2 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < a4855aeb13e4ad1f23e16753b68212e180f7d848 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 47b7eaae08e8b2f25bdf37bc14d21be090bcb20f 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < de984faecddb900fa850af4df574a25b32bb93f5 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < c7feb54b113802d2aba98708769d3c33fb017254 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 2a03c4e683d33d17b667418eb717b13dda1fac6b 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 11509910c599cbd04585ec35a6d5e1a0053d84c1
Linux / Linux
2.6.12

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
git.kernel.org: https://git.kernel.org/stable/c/8c1efe3f74a7864461b0dff281c5562154b4aa8e git.kernel.org: https://git.kernel.org/stable/c/ef5c205b6e6f8d1f18ef0b4a9832b1b5fa85f7f2 git.kernel.org: https://git.kernel.org/stable/c/a4855aeb13e4ad1f23e16753b68212e180f7d848 git.kernel.org: https://git.kernel.org/stable/c/47b7eaae08e8b2f25bdf37bc14d21be090bcb20f git.kernel.org: https://git.kernel.org/stable/c/de984faecddb900fa850af4df574a25b32bb93f5 git.kernel.org: https://git.kernel.org/stable/c/c7feb54b113802d2aba98708769d3c33fb017254 git.kernel.org: https://git.kernel.org/stable/c/2a03c4e683d33d17b667418eb717b13dda1fac6b git.kernel.org: https://git.kernel.org/stable/c/11509910c599cbd04585ec35a6d5e1a0053d84c1