{"id":"CVE-2023-52804","summary":"fs/jfs: Add validity check for db_maxag and db_agpref","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nfs/jfs: Add validity check for db_maxag and db_agpref\n\nBoth db_maxag and db_agpref are used as the index of the\ndb_agfree array, but there is currently no validity check for\ndb_maxag and db_agpref, which can lead to errors.\n\nThe following is related bug reported by Syzbot:\n\nUBSAN: array-index-out-of-bounds in fs/jfs/jfs_dmap.c:639:20\nindex 7936 is out of range for type 'atomic_t[128]'\n\nAdd checking that the values of db_maxag and db_agpref are valid\nindexes for the db_agfree array.","modified":"2026-04-11T12:46:36.549959Z","published":"2024-05-21T15:31:15.720Z","related":["SUSE-SU-2024:2008-1","SUSE-SU-2024:2011-1","SUSE-SU-2024:2019-1","SUSE-SU-2024:2189-1","SUSE-SU-2024:2190-1","SUSE-SU-2024:2571-1","SUSE-SU-2024:2896-1","SUSE-SU-2024:2973-1","SUSE-SU-2025:20008-1","SUSE-SU-2025:20028-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52804.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/1f74d336990f37703a8eee77153463d65b67f70e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/2323de34a3ae61a9f9b544c18583f71cea86721f"},{"type":"WEB","url":"https://git.kernel.org/stable/c/32bd8f1cbcf8b663e29dd1f908ba3a129541a11b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/5013f8269887642cca784adc8db9b5f0b771533f"},{"type":"WEB","url":"https://git.kernel.org/stable/c/64933ab7b04881c6c18b21ff206c12278341c72e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a0649e2dd4a3595b5595a29d0064d047c2fae2fb"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c6c8863fb3f57700ab583d875adda04caaf2278a"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ce15b0f1a431168f07b1cc6c9f71206a2db5c809"},{"type":"WEB","url":"https://git.kernel.org/stable/c/dca403bb035a565bb98ecc1dda5d30f676feda40"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52804.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52804"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2"},{"fixed":"a0649e2dd4a3595b5595a29d0064d047c2fae2fb"},{"fixed":"ce15b0f1a431168f07b1cc6c9f71206a2db5c809"},{"fixed":"32bd8f1cbcf8b663e29dd1f908ba3a129541a11b"},{"fixed":"c6c8863fb3f57700ab583d875adda04caaf2278a"},{"fixed":"1f74d336990f37703a8eee77153463d65b67f70e"},{"fixed":"5013f8269887642cca784adc8db9b5f0b771533f"},{"fixed":"dca403bb035a565bb98ecc1dda5d30f676feda40"},{"fixed":"2323de34a3ae61a9f9b544c18583f71cea86721f"},{"fixed":"64933ab7b04881c6c18b21ff206c12278341c72e"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-52804.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"2.6.12"},{"fixed":"4.14.331"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.15.0"},{"fixed":"4.19.300"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.20.0"},{"fixed":"5.4.262"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.5.0"},{"fixed":"5.10.202"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.140"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.64"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.5.13"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.6.0"},{"fixed":"6.6.3"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-52804.json"}}],"schema_version":"1.7.5"}