{"id":"CVE-2023-52601","summary":"jfs: fix array-index-out-of-bounds in dbAdjTree","details":"In the Linux kernel, the following vulnerability has been resolved:\n\njfs: fix array-index-out-of-bounds in dbAdjTree\n\nCurrently there is a bound check missing in the dbAdjTree while\naccessing the dmt_stree. To add the required check added the bool is_ctl\nwhich is required to determine the size as suggest in the following\ncommit.\nhttps://lore.kernel.org/linux-kernel-mentees/f9475918-2186-49b8-b801-6f0f9e75f4fa@oracle.com/","modified":"2026-04-02T09:43:06.875597Z","published":"2024-03-06T06:45:28.715Z","related":["SUSE-SU-2024:1466-1","SUSE-SU-2024:1480-1","SUSE-SU-2024:1490-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52601.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/2037cb9d95f1741885f7daf50e8a028c4ade5317"},{"type":"WEB","url":"https://git.kernel.org/stable/c/2e16a1389b5a7983b45cb2aa20b0e3f0ee364d6c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/3d3898b4d72c677d47fe3cb554449f2df5c12555"},{"type":"WEB","url":"https://git.kernel.org/stable/c/3f8217c323fd6ecd6829a0c3ae7ac3f14eac368e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/70780914cb57e2ba711e0ac1b677aaaa75103603"},{"type":"WEB","url":"https://git.kernel.org/stable/c/74ecdda68242b174920fe7c6133a856fb7d8559b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/8393c80cce45f40c1256d72e21ad351b3650c57e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/fc67a2e18f4c4e3f07e9f9ae463da24530470e73"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52601.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52601"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2"},{"fixed":"3d3898b4d72c677d47fe3cb554449f2df5c12555"},{"fixed":"3f8217c323fd6ecd6829a0c3ae7ac3f14eac368e"},{"fixed":"2037cb9d95f1741885f7daf50e8a028c4ade5317"},{"fixed":"8393c80cce45f40c1256d72e21ad351b3650c57e"},{"fixed":"70780914cb57e2ba711e0ac1b677aaaa75103603"},{"fixed":"2e16a1389b5a7983b45cb2aa20b0e3f0ee364d6c"},{"fixed":"fc67a2e18f4c4e3f07e9f9ae463da24530470e73"},{"fixed":"74ecdda68242b174920fe7c6133a856fb7d8559b"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-52601.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}