CVE-2025-37858

Description

In the Linux kernel, the following vulnerability has been resolved:

fs/jfs: Prevent integer overflow in AG size calculation

The JFS filesystem calculates allocation group (AG) size using 1 << l2agsize. When l2agsize is 32 or more (>2TB aggregates on 32-bit systems), this 32-bit shift operation causes undefined behavior and improper AG sizing.

On 32-bit architectures:

- Left-shifting 1 by 32+ bits results in 0 due to integer overflow
- This creates invalid AG sizes (0 or garbage values) in sbi->bmap->db_agsize
- Subsequent block allocations would reference invalid AG structures
- Could lead to:
  - Filesystem corruption during extend operations
  - Kernel crashes due to invalid memory accesses
  - Security vulnerabilities via malformed on-disk structures

Fix by casting to s64 before shifting:

    bmp->db_agsize = (s64)1 << l2agsize;

This ensures 64-bit arithmetic even on 32-bit architectures. The cast matches the data type of db_agsize (s64) and follows similar patterns in JFS block calculation code.

Found by Linux Verification Center (linuxtesting.org) with SVACE.
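The difference between the two expressions, as an added example that is not kernel code: it models the pre-fix 32-bit result by truncation (one possible outcome of the undefined shift, matching the "results in 0" case above) and compares it with the 64-bit form. All function names and the sample aggregate size are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Pre-fix `1 << l2agsize`: computed as a 32-bit int, then widened to the s64
 * field. The real shift is undefined in C, so this MODELS one outcome
 * (keep the low 32 bits, sign-extend) instead of executing it. */
static int64_t agsize_prefix_model(unsigned l2agsize)
{
    if (l2agsize > 63)
        return 0;
    uint32_t low = (uint32_t)((UINT64_C(1) << l2agsize) & 0xFFFFFFFFu);
    /* sign-extend by hand, as an int -> s64 assignment would */
    return low >= 0x80000000u ? (int64_t)low - INT64_C(4294967296) : (int64_t)low;
}

/* Post-fix `(s64)1 << l2agsize`: the shift itself is done in 64 bits. */
static int64_t agsize_fixed(unsigned l2agsize)
{
    return l2agsize < 63 ? INT64_C(1) << l2agsize : -1; /* -1: not representable */
}

/* Hypothetical sanity check before an AG size is used:
 * a positive power of two no larger than the aggregate (in blocks). */
static int agsize_is_valid(int64_t agsize, int64_t nblocks)
{
    return agsize > 0 && (agsize & (agsize - 1)) == 0 && agsize <= nblocks;
}

/* Smallest shift count at which the modelled pre-fix value goes wrong. */
static unsigned first_divergence(void)
{
    for (unsigned l2 = 0; l2 < 63; l2++)
        if (agsize_prefix_model(l2) != agsize_fixed(l2))
            return l2;
    return 63;
}

int main(void)
{
    const int64_t nblocks = INT64_C(1) << 40; /* constructed aggregate size */
    for (unsigned l2 = 29; l2 <= 34; l2++) {
        int64_t bad = agsize_prefix_model(l2), good = agsize_fixed(l2);
        printf("l2agsize=%u pre-fix=%lld (%s) fixed=%lld (%s)\n", l2,
               (long long)bad, agsize_is_valid(bad, nblocks) ? "ok" : "INVALID",
               (long long)good, agsize_is_valid(good, nblocks) ? "ok" : "INVALID");
    }
    printf("first divergence at l2agsize=%u\n", first_divergence());
    return 0;
}
```

In this model the value already turns negative at a shift count of 31 (the sign bit) before collapsing to 0 from 32 upward, which corresponds to the "0 or garbage values" described above.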

POC

Reference

No PoCs from references.

Github

- https://github.com/w4zu/Debian_security