CVE-2022-49553
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-49553
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49553.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-49553
- Downstream
- Published
- 2025-02-26T02:14:02Z
- Modified
- 2025-10-15T23:06:28.597842Z
- Summary
- fs/ntfs3: validate BOOT sectors_per_clusters
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: validate BOOT sectorsperclusters
When the NTFS BOOT sectorsperclusters field is > 0x80, it represents a shift value. Make sure that the shift value is not too large before using it (NTFS max cluster size is 2MB). Return -EVINVAL if it too large.
This prevents negative shift values and shift values that are larger than the field size.
Prevents this UBSAN error:
UBSAN: shift-out-of-bounds in ../fs/ntfs3/super.c:673:16 shift exponent -192 is negative
- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/4746c49b11b2403f5b5b07c6eac9e60663dcd9a3
- https://git.kernel.org/stable/c/58cf68a1886d14ffdc5c892ce483a82156769e88
- https://git.kernel.org/stable/c/a2b6986316a2d106f6951e76db70fa4b2fde64a9
- https://git.kernel.org/stable/c/a3b774342fa752a5290c0de36375289dfcf4a260
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced82cae269cfa953032fbb8980a7d554d60fb00b17Fixed58cf68a1886d14ffdc5c892ce483a82156769e88
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced82cae269cfa953032fbb8980a7d554d60fb00b17Fixed4746c49b11b2403f5b5b07c6eac9e60663dcd9a3
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced82cae269cfa953032fbb8980a7d554d60fb00b17Fixeda2b6986316a2d106f6951e76db70fa4b2fde64a9
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced82cae269cfa953032fbb8980a7d554d60fb00b17Fixeda3b774342fa752a5290c0de36375289dfcf4a260
Affected versions
v5.*
v5.14
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.15.1
v5.15.10
v5.15.11
v5.15.12
v5.15.13
v5.15.14
v5.15.15
v5.15.16
v5.15.17
v5.15.18
v5.15.19
v5.15.2
v5.15.20
v5.15.21
v5.15.22
v5.15.23
v5.15.24
v5.15.25
v5.15.26
v5.15.27
v5.15.28
v5.15.29
v5.15.3
v5.15.30
v5.15.31
v5.15.32
v5.15.33
v5.15.34
v5.15.35
v5.15.36
v5.15.37
v5.15.38
v5.15.39
v5.15.4
v5.15.40
v5.15.41
v5.15.42
v5.15.43
v5.15.44
v5.15.5
v5.15.6
v5.15.7
v5.15.8
v5.15.9
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.17.1
v5.17.10
v5.17.11
v5.17.12
v5.17.2
v5.17.3
v5.17.4
v5.17.5
v5.17.6
v5.17.7
v5.17.8
v5.17.9
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.18.1