CVE-2024-42131

In the Linux kernel, the following vulnerability has been resolved: mm: avoid overflows in dirty throttling logic The dirty throttling logic is interspersed with assumptions that dirty limits in PAGE_SIZE units fit into 32-bit (so that various multiplications fit into 64-bits). If limits end up being larger, we will hit overflows, possible divisions by 0 etc. Fix these problems by never allowing so large dirty limits as they have dubious practical value anyway. For dirty_bytes / dirty_background_bytes interfaces we can just refuse to set so large limits. For dirty_ratio / dirty_background_ratio it isn't so simple as the dirty limit is computed from the amount of available memory which can change due to memory hotplug etc. So when converting dirty limits from ratios to numbers of pages, we just don't allow the result to exceed UINT_MAX. This is root-only triggerable problem which occurs when the operator sets dirty limits to >16 TB.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.10:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.10:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.10:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.10:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.10:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.10:rc6:*:*:*:*:*:*

History

21 Nov 2024, 09:33

Type Values Removed Values Added
References () https://git.kernel.org/stable/c/385d838df280eba6c8680f9777bfa0d0bfe7e8b2 - Patch () https://git.kernel.org/stable/c/385d838df280eba6c8680f9777bfa0d0bfe7e8b2 - Patch
References () https://git.kernel.org/stable/c/7a49389771ae7666f4dc3426e2a4594bf23ae290 - Patch () https://git.kernel.org/stable/c/7a49389771ae7666f4dc3426e2a4594bf23ae290 - Patch
References () https://git.kernel.org/stable/c/8e0b5e7f2895eccef5c2a0018b589266f90c4805 - Patch () https://git.kernel.org/stable/c/8e0b5e7f2895eccef5c2a0018b589266f90c4805 - Patch
References () https://git.kernel.org/stable/c/a25e8536184516b55ef89ab91dd2eea429de28d2 - Patch () https://git.kernel.org/stable/c/a25e8536184516b55ef89ab91dd2eea429de28d2 - Patch
References () https://git.kernel.org/stable/c/bd16a7ee339aef3ee4c90cb23902afb6af379ea0 - Patch () https://git.kernel.org/stable/c/bd16a7ee339aef3ee4c90cb23902afb6af379ea0 - Patch
References () https://git.kernel.org/stable/c/c83ed422c24f0d4b264f89291d4fabe285f80dbc - Patch () https://git.kernel.org/stable/c/c83ed422c24f0d4b264f89291d4fabe285f80dbc - Patch

25 Sep 2024, 14:45

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 5.5
v2 : unknown
v3 : 4.4

16 Sep 2024, 13:52

Type Values Removed Values Added
References () https://git.kernel.org/stable/c/2b2d2b8766db028bd827af34075f221ae9e9efff - () https://git.kernel.org/stable/c/2b2d2b8766db028bd827af34075f221ae9e9efff - Patch
References () https://git.kernel.org/stable/c/385d838df280eba6c8680f9777bfa0d0bfe7e8b2 - () https://git.kernel.org/stable/c/385d838df280eba6c8680f9777bfa0d0bfe7e8b2 - Patch
References () https://git.kernel.org/stable/c/4d3817b64eda07491bdd86a234629fe0764fb42a - () https://git.kernel.org/stable/c/4d3817b64eda07491bdd86a234629fe0764fb42a - Patch
References () https://git.kernel.org/stable/c/7a49389771ae7666f4dc3426e2a4594bf23ae290 - () https://git.kernel.org/stable/c/7a49389771ae7666f4dc3426e2a4594bf23ae290 - Patch
References () https://git.kernel.org/stable/c/8e0b5e7f2895eccef5c2a0018b589266f90c4805 - () https://git.kernel.org/stable/c/8e0b5e7f2895eccef5c2a0018b589266f90c4805 - Patch
References () https://git.kernel.org/stable/c/a25e8536184516b55ef89ab91dd2eea429de28d2 - () https://git.kernel.org/stable/c/a25e8536184516b55ef89ab91dd2eea429de28d2 - Patch
References () https://git.kernel.org/stable/c/bd16a7ee339aef3ee4c90cb23902afb6af379ea0 - () https://git.kernel.org/stable/c/bd16a7ee339aef3ee4c90cb23902afb6af379ea0 - Patch
References () https://git.kernel.org/stable/c/c83ed422c24f0d4b264f89291d4fabe285f80dbc - () https://git.kernel.org/stable/c/c83ed422c24f0d4b264f89291d4fabe285f80dbc - Patch
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.5
First Time Linux linux Kernel
Linux
CWE CWE-190
CPE cpe:2.3:o:linux:linux_kernel:6.10:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.10:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.10:rc6:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.10:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.10:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.10:rc2:*:*:*:*:*:*

19 Aug 2024, 05:15

Type Values Removed Values Added
References
  • () https://git.kernel.org/stable/c/2b2d2b8766db028bd827af34075f221ae9e9efff -
  • () https://git.kernel.org/stable/c/4d3817b64eda07491bdd86a234629fe0764fb42a -

30 Jul 2024, 13:32

Type Values Removed Values Added
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mm: evitar desbordamientos en la lógica de limitación sucia La lógica de limitación sucia se entremezcla con suposiciones de que los límites sucios en unidades PAGE_SIZE caben en 32 bits (de modo que varias multiplicaciones caben en 64 bits) . Si los límites terminan siendo mayores, tendremos desbordamientos, posibles divisiones entre 0, etc. Solucione estos problemas nunca permitiendo límites sucios tan grandes, ya que de todos modos tienen un valor práctico dudoso. Para las interfaces dirty_bytes/dirty_background_bytes podemos simplemente negarnos a establecer límites tan grandes. Para dirty_ratio / dirty_background_ratio no es tan simple ya que el límite sucio se calcula a partir de la cantidad de memoria disponible que puede cambiar debido a la conexión en caliente de la memoria, etc. Entonces, al convertir límites sucios de proporciones a números de páginas, simplemente no permitimos el el resultado excede UINT_MAX. Este es un problema que se puede activar solo desde la raíz y que ocurre cuando el operador establece límites sucios en >16 TB.

30 Jul 2024, 08:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-07-30 08:15

Updated : 2024-11-21 09:33


NVD link : CVE-2024-42131

Mitre link : CVE-2024-42131

CVE.ORG link : CVE-2024-42131


JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-190

Integer Overflow or Wraparound