Google Git
Sign in
kernel / pub / scm / linux / security / vulns / refs/heads/sasha-vulnerable / . / cve / published / 2022 / CVE-2022-49553.json
blob: fab0a66440e807b67cb9fc92c932f5a692f81df5 [file] [log] [blame]
{
"containers": {
"cna": {
"providerMetadata": {
"orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038"
},
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: validate BOOT sectors_per_clusters\n\nWhen the NTFS BOOT sectors_per_clusters field is > 0x80, it represents a\nshift value. Make sure that the shift value is not too large before using\nit (NTFS max cluster size is 2MB). Return -EVINVAL if it too large.\n\nThis prevents negative shift values and shift values that are larger than\nthe field size.\n\nPrevents this UBSAN error:\n\n UBSAN: shift-out-of-bounds in ../fs/ntfs3/super.c:673:16\n shift exponent -192 is negative"
}
],
"affected": [
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"fs/ntfs3/super.c"
],
"versions": [
{
"version": "82cae269cfa953032fbb8980a7d554d60fb00b17",
"lessThan": "58cf68a1886d14ffdc5c892ce483a82156769e88",
"status": "affected",
"versionType": "git"
},
{
"version": "82cae269cfa953032fbb8980a7d554d60fb00b17",
"lessThan": "4746c49b11b2403f5b5b07c6eac9e60663dcd9a3",
"status": "affected",
"versionType": "git"
},
{
"version": "82cae269cfa953032fbb8980a7d554d60fb00b17",
"lessThan": "a2b6986316a2d106f6951e76db70fa4b2fde64a9",
"status": "affected",
"versionType": "git"
},
{
"version": "82cae269cfa953032fbb8980a7d554d60fb00b17",
"lessThan": "a3b774342fa752a5290c0de36375289dfcf4a260",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "affected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"fs/ntfs3/super.c"
],
"versions": [
{
"version": "5.15",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.15",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.45",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.17.13",
"lessThanOrEqual": "5.17.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.18.2",
"lessThanOrEqual": "5.18.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.19",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15",
"versionEndExcluding": "5.15.45"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15",
"versionEndExcluding": "5.17.13"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15",
"versionEndExcluding": "5.18.2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15",
"versionEndExcluding": "5.19"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/58cf68a1886d14ffdc5c892ce483a82156769e88"
},
{
"url": "https://git.kernel.org/stable/c/4746c49b11b2403f5b5b07c6eac9e60663dcd9a3"
},
{
"url": "https://git.kernel.org/stable/c/a2b6986316a2d106f6951e76db70fa4b2fde64a9"
},
{
"url": "https://git.kernel.org/stable/c/a3b774342fa752a5290c0de36375289dfcf4a260"
}
],
"title": "fs/ntfs3: validate BOOT sectors_per_clusters",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038",
"cveID": "CVE-2022-49553",
"requesterUserId": "gregkh@kernel.org",
"serial": "1",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.0"
}