Linux Kernel NTFS3 Subsystem Out-of-Bounds Shift Vulnerability

A shift-out-of-bounds vulnerability has been identified in the Linux kernel's NTFS3 file system implementation. This issue arises in the 'true_sectors_per_clst' function, where a negative shift exponent can lead to undefined behavior. The vulnerability was reported by syzbot, which highlighted a UBSAN (Undefined Behavior Sanitizer) error related to the improper handling of cluster sector data. The problem has been addressed by modifying the shift operation to ensure it is safe and valid.

Impact

Exploitation of this vulnerability could lead to undefined behavior in the kernel, potentially causing crashes or other unpredictable system issues.

Reproduction

The vulnerability can be reproduced by using the NTFS3 file system in the Linux kernel. The 'true_sectors_per_clst' function will generate a UBSAN error due to a negative shift exponent, indicating the presence of the out-of-bounds shift issue.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been patched. The specific commit addressing this issue is 'caad9dd8792a2622737b7273cb34835fd9536cd2', which is available in the Linux kernel stable tree.