2348211 – (CVE-2022-49553) CVE-2022-49553 kernel: fs/ntfs3: validate BOOT sectors_per_clusters

Bug 2348211 (CVE-2022-49553) - CVE-2022-49553 kernel: fs/ntfs3: validate BOOT sectors_per_clusters

Summary: CVE-2022-49553 kernel: fs/ntfs3: validate BOOT sectors_per_clusters

Keywords:
Status:	NEW
Alias:	CVE-2022-49553
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2025-02-26 03:21 UTC by OSIDB Bzimport
Modified:	2025-02-26 17:31 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2025-02-26 03:21:30 UTC

In the Linux kernel, the following vulnerability has been resolved:

fs/ntfs3: validate BOOT sectors_per_clusters

When the NTFS BOOT sectors_per_clusters field is > 0x80, it represents a
shift value.  Make sure that the shift value is not too large before using
it (NTFS max cluster size is 2MB).  Return -EVINVAL if it too large.

This prevents negative shift values and shift values that are larger than
the field size.

Prevents this UBSAN error:

 UBSAN: shift-out-of-bounds in ../fs/ntfs3/super.c:673:16
 shift exponent -192 is negative

Comment 1 Avinash Hanwate 2025-02-26 13:02:14 UTC

Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2025022616-CVE-2022-49553-4466@gregkh/T

Comment 2 Avinash Hanwate 2025-02-26 17:24:37 UTC

Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2025022616-CVE-2022-49553-4466@gregkh/T

Note You need to log in before you can comment on or make changes to this bug.