Linux Kernel JFS Filesystem Integer Overflow Vulnerability in Allocation Group Size Calculation

Vulnerability

An integer overflow in the calculation of allocation group (AG) size in the Linux kernel's JFS filesystem has been addressed. The issue arose on 32-bit systems when the logarithmic AG size exceeded 31, leading to undefined behavior and incorrect AG sizing. The flawed calculation could produce invalid AG sizes, causing subsequent block allocations to reference incorrect AG structures. This mismanagement could corrupt the filesystem during extension operations, trigger kernel crashes from invalid memory accesses, and potentially introduce security vulnerabilities through damaged on-disk structures.
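The width problem described above, shown as an added example that is not the kernel's JFS code: it compares a widened, range-checked shift with a model of one possible outcome of the undefined 32-bit shift. The function names, the bound of 62, the 5-bit shift-count masking and the sample values are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical bound for this example: largest shift that fits in int64_t. */
#define EXAMPLE_MAX_L2AGSIZE 62u

/* Models ONE possible outcome of the undefined 32-bit shift: hardware that
 * masks the shift count to 5 bits (an assumption; C guarantees nothing here).
 * No undefined behaviour is executed: the count is reduced before shifting. */
uint32_t ag_size_narrow_model(unsigned l2agsize)
{
    return (uint32_t)1 << (l2agsize & 31u);
}

/* Checked form: reject unrepresentable counts, then widen before shifting. */
bool ag_size_checked(unsigned l2agsize, int64_t *agsize)
{
    if (l2agsize > EXAMPLE_MAX_L2AGSIZE)
        return false;
    *agsize = (int64_t)1 << l2agsize;
    return true;
}

/* Number of AGs needed to cover nblocks, rounding up. agsize must be > 0. */
int64_t ag_count(int64_t nblocks, int64_t agsize)
{
    return (nblocks + agsize - 1) / agsize;
}

int main(void)
{
    unsigned l2 = 33;                    /* constructed value above 31 */
    int64_t nblocks = (int64_t)1 << 35;  /* constructed volume size in blocks */
    int64_t good;

    if (!ag_size_checked(l2, &good))
        return 1;
    int64_t bad = ag_size_narrow_model(l2);

    /* The narrow result yields a wildly different AG layout for the same volume. */
    printf("64-bit: agsize=%lld ags=%lld\n",
           (long long)good, (long long)ag_count(nblocks, good));
    printf("narrow: agsize=%lld ags=%lld\n",
           (long long)bad, (long long)ag_count(nblocks, bad));
    return 0;
}
```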

Impact

Exploitation of this vulnerability could lead to filesystem corruption, kernel crashes, and security vulnerabilities arising from malformed on-disk structures.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 5.3
remediation: 0.0
relevance: 0.0
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.