7.8

CVE-2024-56598

jfs: array-index-out-of-bounds fix in dtReadFirst

In the Linux kernel, the following vulnerability has been resolved:

jfs: array-index-out-of-bounds fix in dtReadFirst

The value of stbl can be sometimes out of bounds due
to a bad filesystem. Added a check with appopriate return
of error code in that case.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 5.4.287
LinuxLinux Kernel Version >= 5.5 < 5.10.231
LinuxLinux Kernel Version >= 5.11 < 5.15.174
LinuxLinux Kernel Version >= 5.16 < 6.1.120
LinuxLinux Kernel Version >= 6.2 < 6.6.66
LinuxLinux Kernel Version >= 6.7 < 6.12.5
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.25% 0.154
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-129 Improper Validation of Array Index

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

https://git.kernel.org/stable/c/22dcbf7661c6ffc3247978c254dc40b833a0d429
Patch
https://git.kernel.org/stable/c/25f1e673ef61d6bf9a6022e27936785896d74948
Patch
https://git.kernel.org/stable/c/2eea5fda5556ef03defebf07b0a12fcd2c5210f4
Patch
https://git.kernel.org/stable/c/823d573f5450ca6be80b36f54d1902ac7cd23fb9
Patch
https://git.kernel.org/stable/c/8c97a4d5463a1c972ef576ac499ea9b05f956097
Patch
https://git.kernel.org/stable/c/ca84a2c9be482836b86d780244f0357e5a778c46
Patch
https://git.kernel.org/stable/c/fd993b2180b4c373af8b99aa28d4dcda5c2a8f10
Patch
https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html
https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html