CVE-2022-50567
- Source
- https://cve.org/CVERecord?id=CVE-2022-50567
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-50567.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-50567
- Downstream
- Related
- Published
- 2025-10-22T13:23:24.508Z
- Modified
- 2026-03-20T11:47:31.733263Z
- Summary
- fs: jfs: fix shift-out-of-bounds in dbAllocAG
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
fs: jfs: fix shift-out-of-bounds in dbAllocAG
Syzbot found a crash : UBSAN: shift-out-of-bounds in dbAllocAG. The underlying bug is the missing check of bmp->db_agl2size. The field can be greater than 64 and trigger the shift-out-of-bounds.
Fix this bug by adding a check of bmp->db_agl2size in dbMount since this field is used in many following functions. The upper bound for this field is L2MAXL2SIZE - L2MAXAG, thanks for the help of Dave Kleikamp. Note that, for maintenance, I reorganized error handling code of dbMount.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50567.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/0536f76a2bca83d1a3740517ba22cc93a44b3099
- https://git.kernel.org/stable/c/2c575c8905f7a8b32d5611b91856b69bac2a5bf1
- https://git.kernel.org/stable/c/3115313cf03113e87c87adee18ee49a20bbdb9ba
- https://git.kernel.org/stable/c/359616ce587e524107730504891afa4b1a8be58c
- https://git.kernel.org/stable/c/3e997e4ce8ae7ab89d72334120f6aee49c5bbdbd
- https://git.kernel.org/stable/c/67973caae78e21ee46a7281aaa8ca364eb9c444f
- https://git.kernel.org/stable/c/898f706695682b9954f280d95e49fa86ffa55d08
- https://git.kernel.org/stable/c/d3b486946a4e62c7ef6023f7d9c1d049051384ba
- https://git.kernel.org/stable/c/eea87acb6027be3dd4d3c57186bb22800d57fdda
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50567.json
- https://nvd.nist.gov/vuln/detail/CVE-2022-50567
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced1da177e4c3f41524e886b7f1b8a0c1fc7321cac2Fixedd3b486946a4e62c7ef6023f7d9c1d049051384baFixed3115313cf03113e87c87adee18ee49a20bbdb9baFixedeea87acb6027be3dd4d3c57186bb22800d57fddaFixed359616ce587e524107730504891afa4b1a8be58cFixed3e997e4ce8ae7ab89d72334120f6aee49c5bbdbdFixed0536f76a2bca83d1a3740517ba22cc93a44b3099Fixed2c575c8905f7a8b32d5611b91856b69bac2a5bf1Fixed67973caae78e21ee46a7281aaa8ca364eb9c444fFixed898f706695682b9954f280d95e49fa86ffa55d08
Linux / Kernel
Package
- Name
- Kernel
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced2.6.12Fixed4.9.337
- Type
- ECOSYSTEM
- Events
-
Introduced4.10.0Fixed4.14.303
- Type
- ECOSYSTEM
- Events
-
Introduced4.15.0Fixed4.19.270
- Type
- ECOSYSTEM
- Events
-
Introduced4.20.0Fixed5.4.229
- Type
- ECOSYSTEM
- Events
-
Introduced5.5.0Fixed5.10.163
- Type
- ECOSYSTEM
- Events
-
Introduced5.11.0Fixed5.15.86
- Type
- ECOSYSTEM
- Events
-
Introduced5.16.0Fixed6.0.16
- Type
- ECOSYSTEM
- Events
-
Introduced6.1.0Fixed6.1.2