Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
In the Linux kernel, the following vulnerability has been resolved:jfs: fix out-of-bounds in dbNextAG() and diAlloc()In dbNextAG() , there is no check for the case where bmp->db_numag isgreater or same than MAXAG due to a polluted image, which causes anout-of-bounds. Therefore, a bounds check should be added in dbMount().And in dbNextAG(), a check for the case where agpref is greater thanbmp->db_numag should be added, so an out-of-bounds exception should beprevented.Additionally, a check for the case where agno is greater or same thanMAXAG should be added in diAlloc() to prevent out-of-bounds.
No PoCs from references.
- https://github.com/fkie-cad/nvd-json-data-feeds
- https://github.com/w4zu/Debian_security