In the Linux kernel, the following vulnerability has been resolved:
blk_iocost: fix more out of bound shifts
Recently running UBSAN caught few out of bound shifts in the
ioc_forgive_debts() function:
UBSAN: shift-out-of-bounds in block/blk-iocost.c:2142:38
shift exponent 80 is too large for 64-bit type 'u64' (aka 'unsigned long
long')
...
UBSAN: shift-out-of-bounds in block/blk-iocost.c:2144:30
shift exponent 80 is too large for 64-bit type 'u64' (aka 'unsigned long
long')
...
Call Trace:
<IRQ>
dump_stack_lvl+0xca/0x130
__ubsan_handle_shift_out_of_bounds+0x22c/0x280
? __lock_acquire+0x6441/0x7c10
ioc_timer_fn+0x6cec/0x7750
? blk_iocost_init+0x720/0x720
? call_timer_fn+0x5d/0x470
call_timer_fn+0xfa/0x470
? blk_iocost_init+0x720/0x720
__run_timer_base+0x519/0x700
...
Actual impact of this issue was not identified but I propose to fix the
undefined behaviour.
The proposed fix to prevent those out of bound shifts consist of
precalculating exponent before using it the shift operations by taking
min value from the actual exponent and maximum possible number of bits.
References
Configurations
Configuration 1 (hide)
|
History
13 Nov 2024, 15:09
Type | Values Removed | Values Added |
---|---|---|
First Time |
Linux linux Kernel
Linux |
|
CWE | NVD-CWE-noinfo | |
References | () https://git.kernel.org/stable/c/1ab2cfe19700fb3dde4c7dfec392acff34db3120 - Patch | |
References | () https://git.kernel.org/stable/c/1b120f151871eb47ce9f283c007af3f8ae1d990e - Patch | |
References | () https://git.kernel.org/stable/c/1f61d509257d6a05763d05bf37943b35306522b1 - Patch | |
References | () https://git.kernel.org/stable/c/364022095bdd4108efdaaa68576afa4712a5d085 - Patch | |
References | () https://git.kernel.org/stable/c/59121bb38fdc01434ea3fe361ee02b59f036227f - Patch | |
References | () https://git.kernel.org/stable/c/9bce8005ec0dcb23a58300e8522fe4a31da606fa - Patch | |
References | () https://git.kernel.org/stable/c/f4ef9bef023d5c543cb0f3194ecacfd47ef590ec - Patch | |
CPE | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
23 Oct 2024, 15:13
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
21 Oct 2024, 18:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-10-21 18:15
Updated : 2024-11-13 15:09
NVD link : CVE-2024-49933
Mitre link : CVE-2024-49933
CVE.ORG link : CVE-2024-49933
JSON object : View
Products Affected
linux
- linux_kernel
CWE