CVE-2022-49553
- Source
- https://cve.org/CVERecord?id=CVE-2022-49553
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49553.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-49553
- Downstream
- Published
- 2025-02-26T02:14:02.183Z
- Modified
- 2026-03-12T03:25:22.763240Z
- Summary
- fs/ntfs3: validate BOOT sectors_per_clusters
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: validate BOOT sectorsperclusters
When the NTFS BOOT sectorsperclusters field is > 0x80, it represents a shift value. Make sure that the shift value is not too large before using it (NTFS max cluster size is 2MB). Return -EVINVAL if it too large.
This prevents negative shift values and shift values that are larger than the field size.
Prevents this UBSAN error:
UBSAN: shift-out-of-bounds in ../fs/ntfs3/super.c:673:16 shift exponent -192 is negative
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49553.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/4746c49b11b2403f5b5b07c6eac9e60663dcd9a3
- https://git.kernel.org/stable/c/58cf68a1886d14ffdc5c892ce483a82156769e88
- https://git.kernel.org/stable/c/a2b6986316a2d106f6951e76db70fa4b2fde64a9
- https://git.kernel.org/stable/c/a3b774342fa752a5290c0de36375289dfcf4a260
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49553.json
- https://nvd.nist.gov/vuln/detail/CVE-2022-49553
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced82cae269cfa953032fbb8980a7d554d60fb00b17Fixed58cf68a1886d14ffdc5c892ce483a82156769e88Fixed4746c49b11b2403f5b5b07c6eac9e60663dcd9a3Fixeda2b6986316a2d106f6951e76db70fa4b2fde64a9Fixeda3b774342fa752a5290c0de36375289dfcf4a260