jfs filesystem

The Linux kernel vulnerability tracked as CVE-2024-40902 — described upstream as “jfs: xattr: fix buffer overflow for invalid xattr” — was identified and fixed in the kernel in mid‑2024 after syzkaller and stable‑tree review flagged a condition where printing a malformed extended attribute...

The Linux kernel patch for CVE-2025-38204 closes an array-index-out-of-bounds read in the JFS filesystem implementation’s add_missing_indices routine — a correctness fix that prevents a malformed on-disk structure from producing an out-of-bounds read and a potential kernel crash. Microsoft’s...

The Linux kernel received a surgical fix for a subtle JFS bug that could trigger a shift-out-of-bounds in the dbDiscardAG routine — a condition that, if exercised on vulnerable kernels, can cause kernel instability and denial-of-service. The problem is small in code footprint but meaningful in...

A subtle but important memory-initialization fix landed in upstream Linux this spring: CVE-2025-37742 patches an uninitialized-value access in the JFS filesystem by ensuring the in-memory imap structure is zeroed when it’s allocated in the diMount() routine. The result is a low-complexity...

The Linux kernel has received a small but important corrective patch identified as CVE-2025-40312 — a JFS filesystem hardening change that verifies inode mode when loading an inode from disk, closing a corner-case in which a corrupted on‑disk inode could present an invalid mode value and confuse...