CVE-2022-49553

MEDIUM

Linux Kernel 5.15-5.15.44, 5.16-5.17.12, 5.18-5.18.1 - Integer Overflow via NTFS BOOT sectors_per_clusters Field

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: validate BOOT sectors_per_clusters When the NTFS BOOT sectors_per_clusters field is > 0x80, it represents a shift value. Make sure that the shift value is not too large before using it (NTFS max cluster size is 2MB). Return -EVINVAL if it too large. This prevents negative shift values and shift values that are larger than the field size. Prevents this UBSAN error: UBSAN: shift-out-of-bounds in ../fs/ntfs3/super.c:673:16 shift exponent -192 is negative

References (4)

Core 4

Core References

Patch

https://git.kernel.org/stable/c/58cf68a1886d14ffdc5c892ce483a82156769e88

Patch

https://git.kernel.org/stable/c/4746c49b11b2403f5b5b07c6eac9e60663dcd9a3

Patch

https://git.kernel.org/stable/c/a2b6986316a2d106f6951e76db70fa4b2fde64a9

Patch

https://git.kernel.org/stable/c/a3b774342fa752a5290c0de36375289dfcf4a260

Scores

CVSS v3 5.5

EPSS 0.0024

EPSS Percentile 14.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-190

Status published

Products (14)

linux/Kernel 5.15.0 - 5.15.45linux

linux/Kernel 5.16.0 - 5.17.13linux

linux/Kernel 5.18.0 - 5.18.2linux

Linux/Linux < 5.15

Linux/Linux 5.15

Linux/Linux 5.15.45 - 5.15.*

Linux/Linux 5.17.13 - 5.17.*

Linux/Linux 5.18.2 - 5.18.*

Linux/Linux 5.19

Linux/Linux 82cae269cfa953032fbb8980a7d554d60fb00b17 - 4746c49b11b2403f5b5b07c6eac9e60663dcd9a3

... and 4 more

Published Feb 26, 2025

Tracked Since Feb 18, 2026