Volerion logoVolerion
Volerion logoVolerion

Linux Kernel JFS Shift-Out-Of-Bounds Vulnerability in dbDiscardAG Function

Vulnerability

A shift-out-of-bounds vulnerability has been identified in the Linux kernel's JFS (Journaled File System) implementation, specifically within the dbDiscardAG function. This vulnerability arises from improper handling of the bmap descriptor, which can be exploited by the syzbot fuzzer. The issue affects several versions of the Linux kernel.

Impact

Exploitation of this vulnerability could lead to out-of-bounds memory access, potentially causing undefined behavior such as memory corruption or application crashes.

Reproduction

The vulnerability can be reproduced by using the syzbot fuzzer, which will feed invalid data into the bmap descriptor, triggering the out-of-bounds shift in the dbDiscardAG function.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been patched. Instructions for downloading the latest kernel version can be found on the official Linux kernel website.

Added: Sep 15, 2025, 6:21 PM
Updated: Sep 15, 2025, 6:21 PM

Vulnerability Rating

Custom Algorithm
spread
9.0
impact
2.5
exploitability
5.7
remediation
7.7
relevance
0.5
threat
4.8
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.