In the Linux kernel, the following vulnerability has been resolved:
Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again"
Patch series "mm: Avoid possible overflows in dirty throttling".
Dirty throttling logic assumes dirty limits in page units fit into
32-bits. This patch series makes sure this is true (see patch 2/2 for
more details).
This patch (of 2):
This reverts commit 9319b647902cbd5cc884ac08a8a6d54ce111fc78.
The commit is broken in several ways. Firstly, the removed (u64) cast
from the multiplication will introduce a multiplication overflow on 32-bit
archs if wb_thresh * bg_thresh >= 1<<32 (which is actually common - the
default settings with 4GB of RAM will trigger this). Secondly, the
div64_u64() is unnecessarily expensive on 32-bit archs. We have
div64_ul() in case we want to be safe & cheap. Thirdly, if dirty
thresholds are larger than 1<<32 pages, then dirty balancing is going to
blow up in many other spectacular ways anyway so trying to fix one
possible overflow is just moot.
Metrics
Affected Vendors & Products
References
History
Thu, 19 Sep 2024 21:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
cvssV3_1
|
cvssV3_1
|
Wed, 11 Sep 2024 13:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 11 Sep 2024 10:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat enterprise Linux
|
|
CPEs | cpe:/a:redhat:enterprise_linux:9 cpe:/o:redhat:enterprise_linux:9 |
|
Vendors & Products |
Redhat enterprise Linux
|
Fri, 06 Sep 2024 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat
Redhat rhel Eus |
|
CPEs | cpe:/a:redhat:rhel_eus:9.2 cpe:/a:redhat:rhel_eus:9.2::nfv |
|
Vendors & Products |
Redhat
Redhat rhel Eus |
Wed, 21 Aug 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Linux
Linux linux Kernel |
|
Weaknesses | CWE-369 | |
CPEs | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | |
Vendors & Products |
Linux
Linux linux Kernel |
MITRE
Status: PUBLISHED
Assigner: Linux
Published: 2024-07-30T07:45:58.423Z
Updated: 2024-12-19T09:12:47.256Z
Reserved: 2024-07-29T15:50:41.174Z
Link: CVE-2024-42102
Vulnrichment
Updated: 2024-08-02T04:54:32.558Z
NVD
Status : Modified
Published: 2024-07-30T08:15:02.733
Modified: 2024-11-21T09:33:36.267
Link: CVE-2024-42102
Redhat