CVE-2024-42102 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again" Patch series "mm: Avoid possible overflows in dirty throttling". Dirty throttling logic assumes dirty limits in page units fit into 32-bits. This patch series makes sure this is true (see patch 2/2 for more details). This patch (of 2): This reverts commit 9319b647902cbd5cc884ac08a8a6d54ce111fc78. The commit is broken in several ways. Firstly, the removed (u64) cast from the multiplication will introduce a multiplication overflow on 32-bit archs if wb_thresh * bg_thresh >= 1<<32 (which is actually common - the default settings with 4GB of RAM will trigger this). Secondly, the div64_u64() is unnecessarily expensive on 32-bit archs. We have div64_ul() in case we want to be safe & cheap. Thirdly, if dirty thresholds are larger than 1<<32 pages, then dirty balancing is going to blow up in many other spectacular ways anyway so trying to fix one possible overflow is just moot.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Linux	Linux Kernel
Redhat	Enterprise Linux Rhel Eus

Configuration 1 [-]

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 9
kernel-0:5.14.0-427.35.1.el9_4	cpe:/a:redhat:enterprise_linux:9	RHSA-2024:6567	2024-09-11T00:00:00Z
kernel-0:5.14.0-427.35.1.el9_4	cpe:/o:redhat:enterprise_linux:9	RHSA-2024:6567	2024-09-11T00:00:00Z
Red Hat Enterprise Linux 9.2 Extended Update Support
kernel-0:5.14.0-284.82.1.el9_2	cpe:/a:redhat:rhel_eus:9.2	RHSA-2024:6267	2024-09-04T00:00:00Z
kernel-rt-0:5.14.0-284.82.1.rt14.367.el9_2	cpe:/a:redhat:rhel_eus:9.2::nfv	RHSA-2024:6268	2024-09-04T00:00:00Z

References

Link	Providers
https://git.kernel.org/stable/c/000099d71648504fb9c7a4616f92c2b70c3e44ec
https://git.kernel.org/stable/c/145faa3d03688cbb7bbaaecbd84c01539852942c
https://git.kernel.org/stable/c/23a28f5f3f6ca1e4184bd0e9631cd0944cf1c807
https://git.kernel.org/stable/c/253f9ea7e8e53a5176bd80ceb174907b10724c1a
https://git.kernel.org/stable/c/2820005edae13b140f2d54267d1bd6bb23915f59
https://git.kernel.org/stable/c/30139c702048f1097342a31302cbd3d478f50c63
https://git.kernel.org/stable/c/cbbe17a324437c0ff99881a3ee453da45b228a00
https://git.kernel.org/stable/c/f6620df12cb6bdcad671d269debbb23573502f9d
https://lore.kernel.org/linux-cve-announce/2024073019-CVE-2024-42102-bcee@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2024-42102
https://www.cve.org/CVERecord?id=CVE-2024-42102

History

Wed, 16 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.00077}`	epss `{'score': 0.00079}`

Thu, 19 Sep 2024 21:00:00 +0000

Type	Values Removed	Values Added
Metrics	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}`	cvssV3_1 `{'score': 4.7, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H'}`

Wed, 11 Sep 2024 13:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 11 Sep 2024 10:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat enterprise Linux
CPEs		cpe:/a:redhat:enterprise_linux:9 cpe:/o:redhat:enterprise_linux:9
Vendors & Products		Redhat enterprise Linux

Fri, 06 Sep 2024 13:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat Redhat rhel Eus
CPEs		cpe:/a:redhat:rhel_eus:9.2 cpe:/a:redhat:rhel_eus:9.2::nfv
Vendors & Products		Redhat Redhat rhel Eus

Wed, 21 Aug 2024 21:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
Weaknesses		CWE-369
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-07-30T07:45:58.423Z

Updated: 2025-05-04T12:57:37.713Z

Reserved: 2024-07-29T15:50:41.174Z

Link: CVE-2024-42102

Vulnrichment

Updated: 2024-08-02T04:54:32.558Z

NVD

Status : Modified

Published: 2024-07-30T08:15:02.733

Modified: 2024-11-21T09:33:36.267

Link: CVE-2024-42102

Redhat

Severity : Moderate

Publid Date: 2024-07-30T00:00:00Z

Links: CVE-2024-42102 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-42102", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-07-29T15:50:41.174Z", "datePublished": "2024-07-30T07:45:58.423Z", "dateUpdated": "2025-05-04T12:57:37.713Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T12:57:37.713Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again\"\n\nPatch series \"mm: Avoid possible overflows in dirty throttling\".\n\nDirty throttling logic assumes dirty limits in page units fit into\n32-bits. This patch series makes sure this is true (see patch 2/2 for\nmore details).\n\n\nThis patch (of 2):\n\nThis reverts commit 9319b647902cbd5cc884ac08a8a6d54ce111fc78.\n\nThe commit is broken in several ways. Firstly, the removed (u64) cast\nfrom the multiplication will introduce a multiplication overflow on 32-bit\narchs if wb_thresh * bg_thresh >= 1<<32 (which is actually common - the\ndefault settings with 4GB of RAM will trigger this). Secondly, the\ndiv64_u64() is unnecessarily expensive on 32-bit archs. We have\ndiv64_ul() in case we want to be safe & cheap. Thirdly, if dirty\nthresholds are larger than 1<<32 pages, then dirty balancing is going to\nblow up in many other spectacular ways anyway so trying to fix one\npossible overflow is just moot."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["mm/page-writeback.c"], "versions": [{"version": "c593d26fb5d577ef31b6e49a31e08ae3ebc1bc1e", "lessThan": "253f9ea7e8e53a5176bd80ceb174907b10724c1a", "status": "affected", "versionType": "git"}, {"version": "1f12e4b3284d6c863f272eb2de0d4248ed211cf4", "lessThan": "23a28f5f3f6ca1e4184bd0e9631cd0944cf1c807", "status": "affected", "versionType": "git"}, {"version": "81e7d2530d458548b90a5c5e76b77ad5e5d1c0df", "lessThan": "145faa3d03688cbb7bbaaecbd84c01539852942c", "status": "affected", "versionType": "git"}, {"version": "5099871b370335809c0fd1abad74d9c7c205d43f", "lessThan": "2820005edae13b140f2d54267d1bd6bb23915f59", "status": "affected", "versionType": "git"}, {"version": "16b1025eaa8fc223ab4273ece20d1c3a4211a95d", "lessThan": "cbbe17a324437c0ff99881a3ee453da45b228a00", "status": "affected", "versionType": "git"}, {"version": "ec18ec230301583395576915d274b407743d8f6c", "lessThan": "f6620df12cb6bdcad671d269debbb23573502f9d", "status": "affected", "versionType": "git"}, {"version": "9319b647902cbd5cc884ac08a8a6d54ce111fc78", "lessThan": "000099d71648504fb9c7a4616f92c2b70c3e44ec", "status": "affected", "versionType": "git"}, {"version": "9319b647902cbd5cc884ac08a8a6d54ce111fc78", "lessThan": "30139c702048f1097342a31302cbd3d478f50c63", "status": "affected", "versionType": "git"}, {"version": "65977bed167a92e87085e757fffa5798f7314c9f", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["mm/page-writeback.c"], "versions": [{"version": "6.8", "status": "affected"}, {"version": "0", "lessThan": "6.8", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.318", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.280", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.222", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.163", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.98", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.39", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9.9", "lessThanOrEqual": "6.9.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.10", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.19.307", "versionEndExcluding": "4.19.318"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.4.269", "versionEndExcluding": "5.4.280"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10.210", "versionEndExcluding": "5.10.222"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15.149", "versionEndExcluding": "5.15.163"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.1.79", "versionEndExcluding": "6.1.98"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.6.18", "versionEndExcluding": "6.6.39"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.8", "versionEndExcluding": "6.9.9"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.8", "versionEndExcluding": "6.10"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.7.6"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/253f9ea7e8e53a5176bd80ceb174907b10724c1a"}, {"url": "https://git.kernel.org/stable/c/23a28f5f3f6ca1e4184bd0e9631cd0944cf1c807"}, {"url": "https://git.kernel.org/stable/c/145faa3d03688cbb7bbaaecbd84c01539852942c"}, {"url": "https://git.kernel.org/stable/c/2820005edae13b140f2d54267d1bd6bb23915f59"}, {"url": "https://git.kernel.org/stable/c/cbbe17a324437c0ff99881a3ee453da45b228a00"}, {"url": "https://git.kernel.org/stable/c/f6620df12cb6bdcad671d269debbb23573502f9d"}, {"url": "https://git.kernel.org/stable/c/000099d71648504fb9c7a4616f92c2b70c3e44ec"}, {"url": "https://git.kernel.org/stable/c/30139c702048f1097342a31302cbd3d478f50c63"}], "title": "Revert \"mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again\"", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:54:32.558Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/253f9ea7e8e53a5176bd80ceb174907b10724c1a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/23a28f5f3f6ca1e4184bd0e9631cd0944cf1c807", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/145faa3d03688cbb7bbaaecbd84c01539852942c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/2820005edae13b140f2d54267d1bd6bb23915f59", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/cbbe17a324437c0ff99881a3ee453da45b228a00", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/f6620df12cb6bdcad671d269debbb23573502f9d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/000099d71648504fb9c7a4616f92c2b70c3e44ec", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/30139c702048f1097342a31302cbd3d478f50c63", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-42102", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:17:59.274407Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:32:59.444Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/253f9ea7e8e53a5176bd80ceb174907b10724c1a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/23a28f5f3f6ca1e4184bd0e9631cd0944cf1c807", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/145faa3d03688cbb7bbaaecbd84c01539852942c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/2820005edae13b140f2d54267d1bd6bb23915f59", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/cbbe17a324437c0ff99881a3ee453da45b228a00", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/f6620df12cb6bdcad671d269debbb23573502f9d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/000099d71648504fb9c7a4616f92c2b70c3e44ec", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/30139c702048f1097342a31302cbd3d478f50c63", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:54:32.558Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-42102", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:17:59.274407Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:13.954Z"}}], "cna": {"title": "Revert \"mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again\"", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "c593d26fb5d577ef31b6e49a31e08ae3ebc1bc1e", "lessThan": "253f9ea7e8e53a5176bd80ceb174907b10724c1a", "versionType": "git"}, {"status": "affected", "version": "1f12e4b3284d6c863f272eb2de0d4248ed211cf4", "lessThan": "23a28f5f3f6ca1e4184bd0e9631cd0944cf1c807", "versionType": "git"}, {"status": "affected", "version": "81e7d2530d458548b90a5c5e76b77ad5e5d1c0df", "lessThan": "145faa3d03688cbb7bbaaecbd84c01539852942c", "versionType": "git"}, {"status": "affected", "version": "5099871b370335809c0fd1abad74d9c7c205d43f", "lessThan": "2820005edae13b140f2d54267d1bd6bb23915f59", "versionType": "git"}, {"status": "affected", "version": "16b1025eaa8fc223ab4273ece20d1c3a4211a95d", "lessThan": "cbbe17a324437c0ff99881a3ee453da45b228a00", "versionType": "git"}, {"status": "affected", "version": "ec18ec230301583395576915d274b407743d8f6c", "lessThan": "f6620df12cb6bdcad671d269debbb23573502f9d", "versionType": "git"}, {"status": "affected", "version": "9319b647902cbd5cc884ac08a8a6d54ce111fc78", "lessThan": "000099d71648504fb9c7a4616f92c2b70c3e44ec", "versionType": "git"}, {"status": "affected", "version": "9319b647902cbd5cc884ac08a8a6d54ce111fc78", "lessThan": "30139c702048f1097342a31302cbd3d478f50c63", "versionType": "git"}, {"status": "affected", "version": "65977bed167a92e87085e757fffa5798f7314c9f", "versionType": "git"}], "programFiles": ["mm/page-writeback.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "6.8"}, {"status": "unaffected", "version": "0", "lessThan": "6.8", "versionType": "semver"}, {"status": "unaffected", "version": "4.19.318", "versionType": "semver", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.280", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.222", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.163", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.98", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.39", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.9.9", "versionType": "semver", "lessThanOrEqual": "6.9.*"}, {"status": "unaffected", "version": "6.10", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["mm/page-writeback.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/253f9ea7e8e53a5176bd80ceb174907b10724c1a"}, {"url": "https://git.kernel.org/stable/c/23a28f5f3f6ca1e4184bd0e9631cd0944cf1c807"}, {"url": "https://git.kernel.org/stable/c/145faa3d03688cbb7bbaaecbd84c01539852942c"}, {"url": "https://git.kernel.org/stable/c/2820005edae13b140f2d54267d1bd6bb23915f59"}, {"url": "https://git.kernel.org/stable/c/cbbe17a324437c0ff99881a3ee453da45b228a00"}, {"url": "https://git.kernel.org/stable/c/f6620df12cb6bdcad671d269debbb23573502f9d"}, {"url": "https://git.kernel.org/stable/c/000099d71648504fb9c7a4616f92c2b70c3e44ec"}, {"url": "https://git.kernel.org/stable/c/30139c702048f1097342a31302cbd3d478f50c63"}], "x_generator": {"engine": "bippy-1.2.0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again\"\n\nPatch series \"mm: Avoid possible overflows in dirty throttling\".\n\nDirty throttling logic assumes dirty limits in page units fit into\n32-bits. This patch series makes sure this is true (see patch 2/2 for\nmore details).\n\n\nThis patch (of 2):\n\nThis reverts commit 9319b647902cbd5cc884ac08a8a6d54ce111fc78.\n\nThe commit is broken in several ways. Firstly, the removed (u64) cast\nfrom the multiplication will introduce a multiplication overflow on 32-bit\narchs if wb_thresh * bg_thresh >= 1<<32 (which is actually common - the\ndefault settings with 4GB of RAM will trigger this). Secondly, the\ndiv64_u64() is unnecessarily expensive on 32-bit archs. We have\ndiv64_ul() in case we want to be safe & cheap. Thirdly, if dirty\nthresholds are larger than 1<<32 pages, then dirty balancing is going to\nblow up in many other spectacular ways anyway so trying to fix one\npossible overflow is just moot."}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.19.318", "versionStartIncluding": "4.19.307"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.4.280", "versionStartIncluding": "5.4.269"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.10.222", "versionStartIncluding": "5.10.210"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.15.163", "versionStartIncluding": "5.15.149"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.1.98", "versionStartIncluding": "6.1.79"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.6.39", "versionStartIncluding": "6.6.18"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.9.9", "versionStartIncluding": "6.8"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.10", "versionStartIncluding": "6.8"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionStartIncluding": "6.7.6"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T12:57:37.713Z"}}}, "cveMetadata": {"cveId": "CVE-2024-42102", "state": "PUBLISHED", "dateUpdated": "2025-05-04T12:57:37.713Z", "dateReserved": "2024-07-29T15:50:41.174Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-07-30T07:45:58.423Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "AC87CBCC-3003-46A2-A52F-5CCE1E460E3B", "versionEndExcluding": "4.19.318", "versionStartIncluding": "4.19.307", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "293D6C3D-DC96-4828-BE63-8D51E25BE21C", "versionEndExcluding": "5.4.280", "versionStartIncluding": "5.4.269", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "3D7FDA64-0DC4-4B41-B50A-574D2D1FA12D", "versionEndExcluding": "5.10.222", "versionStartIncluding": "5.10.210", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "0720413E-F29A-4C0A-9B57-5158A778C4A2", "versionEndExcluding": "5.15.163", "versionStartIncluding": "5.15.149", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "56BF47BE-6357-4916-8FB6-5EB3BF21A96E", "versionEndExcluding": "6.1.98", "versionStartIncluding": "6.1.79", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "B702CA29-94C0-4076-8DE7-5041233C96A5", "versionEndExcluding": "6.6.39", "versionStartIncluding": "6.6.18", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "5726EB4D-ED18-4DEC-B0C0-A525D33487E1", "versionEndExcluding": "6.9.9", "versionStartIncluding": "6.8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again\"\n\nPatch series \"mm: Avoid possible overflows in dirty throttling\".\n\nDirty throttling logic assumes dirty limits in page units fit into\n32-bits. This patch series makes sure this is true (see patch 2/2 for\nmore details).\n\n\nThis patch (of 2):\n\nThis reverts commit 9319b647902cbd5cc884ac08a8a6d54ce111fc78.\n\nThe commit is broken in several ways. Firstly, the removed (u64) cast\nfrom the multiplication will introduce a multiplication overflow on 32-bit\narchs if wb_thresh * bg_thresh >= 1<<32 (which is actually common - the\ndefault settings with 4GB of RAM will trigger this). Secondly, the\ndiv64_u64() is unnecessarily expensive on 32-bit archs. We have\ndiv64_ul() in case we want to be safe & cheap. Thirdly, if dirty\nthresholds are larger than 1<<32 pages, then dirty balancing is going to\nblow up in many other spectacular ways anyway so trying to fix one\npossible overflow is just moot."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: Revertir \"mm/writeback: corrige la posible divisi\u00f3n por cero en wb_dirty_limits(), nuevamente\" Patch series \"mm: evita posibles desbordamientos en la aceleraci\u00f3n sucia\". La l\u00f3gica de limitaci\u00f3n sucia supone que los l\u00edmites sucios en las unidades de p\u00e1ginas caben en 32 bits. Esta serie de parches garantiza que esto sea cierto (consulte el parche 2/2 para obtener m\u00e1s detalles). Este parche (de 2): esto revierte la confirmaci\u00f3n 9319b647902cbd5cc884ac08a8a6d54ce111fc78. El compromiso se rompe de varias maneras. En primer lugar, la conversi\u00f3n eliminada (u64) de la multiplicaci\u00f3n introducir\u00e1 un desbordamiento de multiplicaci\u00f3n en arcos de 32 bits si wb_thresh * bg_thresh >= 1<<32 (lo cual es realmente com\u00fan; la configuraci\u00f3n predeterminada con 4 GB de RAM activar\u00e1 esto). En segundo lugar, div64_u64() es innecesariamente caro en arcos de 32 bits. Tenemos div64_ul() en caso de que queramos ser seguros y econ\u00f3micos. En tercer lugar, si los umbrales sucios son mayores que 1<<32 p\u00e1ginas, entonces el equilibrio sucio explotar\u00e1 de muchas otras maneras espectaculares de todos modos, por lo que intentar solucionar un posible desbordamiento es discutible."}], "id": "CVE-2024-42102", "lastModified": "2024-11-21T09:33:36.267", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-07-30T08:15:02.733", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/000099d71648504fb9c7a4616f92c2b70c3e44ec"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/145faa3d03688cbb7bbaaecbd84c01539852942c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/23a28f5f3f6ca1e4184bd0e9631cd0944cf1c807"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/253f9ea7e8e53a5176bd80ceb174907b10724c1a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/2820005edae13b140f2d54267d1bd6bb23915f59"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/30139c702048f1097342a31302cbd3d478f50c63"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/cbbe17a324437c0ff99881a3ee453da45b228a00"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/f6620df12cb6bdcad671d269debbb23573502f9d"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/000099d71648504fb9c7a4616f92c2b70c3e44ec"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/145faa3d03688cbb7bbaaecbd84c01539852942c"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/23a28f5f3f6ca1e4184bd0e9631cd0944cf1c807"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/253f9ea7e8e53a5176bd80ceb174907b10724c1a"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/2820005edae13b140f2d54267d1bd6bb23915f59"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/30139c702048f1097342a31302cbd3d478f50c63"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/cbbe17a324437c0ff99881a3ee453da45b228a00"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/f6620df12cb6bdcad671d269debbb23573502f9d"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-369"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2024:6567", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-427.35.1.el9_4", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-09-11T00:00:00Z"}, {"advisory": "RHSA-2024:6567", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-427.35.1.el9_4", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-09-11T00:00:00Z"}, {"advisory": "RHSA-2024:6267", "cpe": "cpe:/a:redhat:rhel_eus:9.2", "package": "kernel-0:5.14.0-284.82.1.el9_2", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2024-09-04T00:00:00Z"}, {"advisory": "RHSA-2024:6268", "cpe": "cpe:/a:redhat:rhel_eus:9.2::nfv", "package": "kernel-rt-0:5.14.0-284.82.1.rt14.367.el9_2", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2024-09-04T00:00:00Z"}], "bugzilla": {"description": "kernel: Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again"", "id": "2301465", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2301465"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.7", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-369", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nRevert \"mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again\"\nPatch series \"mm: Avoid possible overflows in dirty throttling\".\nDirty throttling logic assumes dirty limits in page units fit into\n32-bits. This patch series makes sure this is true (see patch 2/2 for\nmore details).\nThis patch (of 2):\nThis reverts commit 9319b647902cbd5cc884ac08a8a6d54ce111fc78.\nThe commit is broken in several ways. Firstly, the removed (u64) cast\nfrom the multiplication will introduce a multiplication overflow on 32-bit\narchs if wb_thresh * bg_thresh >= 1<<32 (which is actually common - the\ndefault settings with 4GB of RAM will trigger this). Secondly, the\ndiv64_u64() is unnecessarily expensive on 32-bit archs. We have\ndiv64_ul() in case we want to be safe & cheap. Thirdly, if dirty\nthresholds are larger than 1<<32 pages, then dirty balancing is going to\nblow up in many other spectacular ways anyway so trying to fix one\npossible overflow is just moot.", "A vulnerability was found in the wb_dirty_limits() function in the Linux kernel, where a removed (u64) cast in the dtc->wb_thresh * dtc->bg_thresh operation can result in multiplication overflow on 32-bit architectures. This issue could lead to memory corruption or performance issues."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-42102", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-07-30T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-42102\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-42102\nhttps://lore.kernel.org/linux-cve-announce/2024073019-CVE-2024-42102-bcee@gregkh/T"], "statement": "Red Hat rates this as Moderate severity with an Attack Complexity rating of High, given that an attacker needs to be able to create enough dirty data (data not yet written to disk) in memory to cause the multiplication overflow, something which is more likely to be effective on systems with just 4GB of RAM, and would require the attacker to have this information about a given system when targeting their attack for a higher likelihood of success.", "threat_severity": "Moderate"}

Metrics

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object