{"id":"AZL-53117","summary":"CVE-2023-52601 affecting package kernel for versions less than 6.6.57.1-5","details":"In the Linux kernel, the following vulnerability has been resolved:\n\njfs: fix array-index-out-of-bounds in dbAdjTree\n\nCurrently there is a bound check missing in the dbAdjTree while\naccessing the dmt_stree. To add the required check added the bool is_ctl\nwhich is required to determine the size as suggest in the following\ncommit.\nhttps://lore.kernel.org/linux-kernel-mentees/f9475918-2186-49b8-b801-6f0f9e75f4fa@oracle.com/","modified":"2026-04-21T04:33:36.789051Z","published":"2024-03-06T07:15:10Z","upstream":["CVE-2023-52601"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52601"}],"affected":[{"package":{"name":"kernel","ecosystem":"Azure Linux:3","purl":"pkg:rpm/azure-linux/kernel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.6.57.1-5"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-53117.json"}}],"schema_version":"1.7.5"}