CVE-2023-53222
jfs: jfs_dmap: Validate db_l2nbperpage while mounting
Description

In the Linux kernel, the following vulnerability has been resolved:

jfs: jfs_dmap: Validate db_l2nbperpage while mounting

In jfs_dmap.c at line 381, BLKTODMAP is used to get a logical block number inside dbFree(). db_l2nbperpage, which is the log2 number of blocks per page, is passed as an argument to BLKTODMAP which uses it for shifting.

Syzbot reported a shift out-of-bounds crash because db_l2nbperpage is too big. This happens because the large value is set without any validation in dbMount() at line 181.

Thus, make sure that db_l2nbperpage is correct while mounting.

Max number of blocks per page = Page size / Min block size
=> log2(Max num_block per page) = log2(Page size / Min block size)
                                = log2(Page size) - log2(Min block size)
=> Max db_l2nbperpage = L2PSIZE - L2MINBLOCKSIZE

INFO

Published Date: Sept. 15, 2025, 3:15 p.m.
Last Modified: Sept. 15, 2025, 3:22 p.m.
Remotely Exploit: No
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected Products

The following products are affected by the CVE-2023-53222 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Linux linux_kernel
Solution
Validate db_l2nbperpage during mount to prevent shift-out-of-bounds crashes.
  • Validate db_l2nbperpage is within expected limits.
  • Ensure block size and page size are correctly configured.
  • Apply kernel patches that include this validation.
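
The bound derived in the description, written out as a user-space check. This is an added example, not the kernel patch itself: the function names, the sample byte arrays and the constant values (4 KiB page, 512-byte minimum block) are assumptions, and the rejection of negative values goes beyond the upper-bound check the description states.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed values: 4 KiB page and 512-byte minimum block size. */
#define L2PSIZE         12  /* log2(page size) */
#define L2MINBLOCKSIZE   9  /* log2(minimum block size) */
#define MAX_L2NBPERPAGE (L2PSIZE - L2MINBLOCKSIZE)

/* Decode a little-endian signed 32-bit on-disk field, whatever the host order. */
static int32_t le32_field(const uint8_t *p)
{
    uint32_t v = (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
                 ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
    return (int32_t)v;
}

/*
 * Hypothetical mount-time check: read log2(blocks per page) from the on-disk
 * field and refuse any value that cannot be a valid shift count.
 * Returns 0 and stores the value on success, -EINVAL otherwise.
 */
int validate_l2nbperpage(const uint8_t *disk_field, int *out)
{
    int32_t l2 = le32_field(disk_field);

    if (l2 < 0 || l2 > MAX_L2NBPERPAGE)
        return -EINVAL;
    *out = l2;
    return 0;
}

/* Simplified stand-in for a computation that shifts by the field. */
int64_t shift_by_l2nbperpage(int64_t n, int l2nbperpage)
{
    return n << l2nbperpage;  /* well defined only for a validated shift count */
}

int main(void)
{
    /* Constructed sample fields: a sane value and a corrupted one. */
    const uint8_t good[4] = { 0x03, 0x00, 0x00, 0x00 };  /* 3 */
    const uint8_t bad[4]  = { 0x00, 0x00, 0x00, 0x40 };  /* 0x40000000 */
    int l2 = 0;

    printf("good: rc=%d\n", validate_l2nbperpage(good, &l2));
    printf("shift: %lld\n", (long long)shift_by_l2nbperpage(5, l2));
    printf("bad:  rc=%d\n", validate_l2nbperpage(bad, &l2));
    return 0;
}
```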

The following table lists the changes that have been made to the CVE-2023-53222 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Sep. 15, 2025

    Action Type Old Value New Value
    Added Description (identical to the text under Description above)
    Added Reference https://git.kernel.org/stable/c/11509910c599cbd04585ec35a6d5e1a0053d84c1
    Added Reference https://git.kernel.org/stable/c/2a03c4e683d33d17b667418eb717b13dda1fac6b
    Added Reference https://git.kernel.org/stable/c/47b7eaae08e8b2f25bdf37bc14d21be090bcb20f
    Added Reference https://git.kernel.org/stable/c/8c1efe3f74a7864461b0dff281c5562154b4aa8e
    Added Reference https://git.kernel.org/stable/c/a4855aeb13e4ad1f23e16753b68212e180f7d848
    Added Reference https://git.kernel.org/stable/c/c7feb54b113802d2aba98708769d3c33fb017254
    Added Reference https://git.kernel.org/stable/c/de984faecddb900fa850af4df574a25b32bb93f5
    Added Reference https://git.kernel.org/stable/c/ef5c205b6e6f8d1f18ef0b4a9832b1b5fa85f7f2
Vulnerability Scoring Details
No CVSS metrics available for this vulnerability.