CVE-2024-56598: jfs: array-index-out-of-bounds fix in dtReadFirst
First published: Fri Dec 27 2024(Updated: )
In the Linux kernel, the following vulnerability has been resolved: jfs: array-index-out-of-bounds fix in dtReadFirst The value of stbl can be sometimes out of bounds due to a bad filesystem. Added a check with appopriate return of error code in that case.
Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linux Kernel | <5.4.287 | |
| Linux Kernel | >=5.5<5.10.231 | |
| Linux Kernel | >=5.11<5.15.174 | |
| Linux Kernel | >=5.16<6.1.120 | |
| Linux Kernel | >=6.2<6.6.66 | |
| Linux Kernel | >=6.7<6.12.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://git.kernel.org/stable/c/25f1e673ef61d6bf9a6022e27936785896d74948
- https://git.kernel.org/stable/c/8c97a4d5463a1c972ef576ac499ea9b05f956097
- https://git.kernel.org/stable/c/823d573f5450ca6be80b36f54d1902ac7cd23fb9
- https://git.kernel.org/stable/c/2eea5fda5556ef03defebf07b0a12fcd2c5210f4
- https://git.kernel.org/stable/c/fd993b2180b4c373af8b99aa28d4dcda5c2a8f10
- https://git.kernel.org/stable/c/22dcbf7661c6ffc3247978c254dc40b833a0d429
- https://git.kernel.org/stable/c/ca84a2c9be482836b86d780244f0357e5a778c46
Frequently Asked Questions
What is the severity of CVE-2024-56598?
CVE-2024-56598 has a moderate severity rating due to its potential to cause array-index-out-of-bounds issues in the Linux kernel.
How do I fix CVE-2024-56598?
To resolve CVE-2024-56598, upgrade the Linux kernel to a version later than 5.4.287 or within the specified ranges of affected versions.
What are the affected versions for CVE-2024-56598 in the Linux kernel?
CVE-2024-56598 affects Linux kernel versions from 5.5 up to 5.4.287, from 5.11 up to 5.15.174, from 5.16 up to 6.1.120, between 6.2 and 6.6.66, and from 6.7 up to 6.12.5.
What kind of error does CVE-2024-56598 address in the Linux kernel?
CVE-2024-56598 addresses an array-index-out-of-bounds issue in the dtReadFirst function of the JFS (Journaling File System) in the Linux kernel.
Who is affected by CVE-2024-56598?
Users and administrators of the affected Linux kernel versions utilizing the JFS will be impacted by CVE-2024-56598.
- agent/title
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- agent/author
- agent/event
- agent/severity
- agent/weakness
- agent/remedy
- agent/softwarecombine
- agent/source
- agent/tags
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/linux
- canonical/linux kernel
- version/linux kernel/5.5
- version/linux kernel/5.11
- version/linux kernel/5.16
- version/linux kernel/6.2
- version/linux kernel/6.7