LinuxCVELIST:CVE-2024-42102CVE-2024-42102 Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again"
EPSS
Percentile
5.0%
In the Linux kernel, the following vulnerability has been resolved:
Revert “mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again”
Patch series “mm: Avoid possible overflows in dirty throttling”.
Dirty throttling logic assumes dirty limits in page units fit into
32-bits. This patch series makes sure this is true (see patch 2/2 for
more details).
This patch (of 2):
This reverts commit 9319b647902cbd5cc884ac08a8a6d54ce111fc78.
The commit is broken in several ways. Firstly, the removed (u64) cast
from the multiplication will introduce a multiplication overflow on 32-bit
archs if wb_thresh * bg_thresh >= 1<<32 (which is actually common - the
default settings with 4GB of RAM will trigger this). Secondly, the
div64_u64() is unnecessarily expensive on 32-bit archs. We have
div64_ul() in case we want to be safe & cheap. Thirdly, if dirty
thresholds are larger than 1<<32 pages, then dirty balancing is going to
blow up in many other spectacular ways anyway so trying to fix one
possible overflow is just moot.
CNA Affected
[
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"mm/page-writeback.c"
],
"versions": [
{
"version": "c593d26fb5d5",
"lessThan": "253f9ea7e8e5",
"status": "affected",
"versionType": "git"
},
{
"version": "1f12e4b3284d",
"lessThan": "23a28f5f3f6c",
"status": "affected",
"versionType": "git"
},
{
"version": "81e7d2530d45",
"lessThan": "145faa3d0368",
"status": "affected",
"versionType": "git"
},
{
"version": "5099871b3703",
"lessThan": "2820005edae1",
"status": "affected",
"versionType": "git"
},
{
"version": "16b1025eaa8f",
"lessThan": "cbbe17a32443",
"status": "affected",
"versionType": "git"
},
{
"version": "ec18ec230301",
"lessThan": "f6620df12cb6",
"status": "affected",
"versionType": "git"
},
{
"version": "9319b647902c",
"lessThan": "000099d71648",
"status": "affected",
"versionType": "git"
},
{
"version": "9319b647902c",
"lessThan": "30139c702048",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "affected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"mm/page-writeback.c"
],
"versions": [
{
"version": "6.8",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.8",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.19.318",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.280",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.222",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.163",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.98",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.39",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.9",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
]
}
]References
git.kernel.org/stable/c/000099d71648504fb9c7a4616f92c2b70c3e44ec
git.kernel.org/stable/c/145faa3d03688cbb7bbaaecbd84c01539852942c
git.kernel.org/stable/c/23a28f5f3f6ca1e4184bd0e9631cd0944cf1c807
git.kernel.org/stable/c/253f9ea7e8e53a5176bd80ceb174907b10724c1a
git.kernel.org/stable/c/2820005edae13b140f2d54267d1bd6bb23915f59
git.kernel.org/stable/c/30139c702048f1097342a31302cbd3d478f50c63
git.kernel.org/stable/c/cbbe17a324437c0ff99881a3ee453da45b228a00
git.kernel.org/stable/c/f6620df12cb6bdcad671d269debbb23573502f9d
Related
