CVE-2022-50580

Summary

In the Linux kernel, the following vulnerability has been resolved:

blk-throttle: prevent overflow while calculating wait time

There is a problem found by code review in tg_with_in_bps_limit() that 'bps_limit * jiffy_elapsed_rnd' might overflow. Fix the problem by calling mul_u64_u64_div_u64() instead.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxe43473b7f223ec866f7db273697e76c337c390f9 < 19c010ae44f0ce52b5436080492a61a092ee0cf4affected
LinuxLinuxe43473b7f223ec866f7db273697e76c337c390f9 < 70b2adb1d698fbc63d3b3848c452524dc15872c5affected
LinuxLinuxe43473b7f223ec866f7db273697e76c337c390f9 < cc6f0855bf8d9b729df28ff443ced7350c380dbdaffected
LinuxLinuxe43473b7f223ec866f7db273697e76c337c390f9 < ca67b0563b39e79290c23e509319c178b9ca9104affected
LinuxLinuxe43473b7f223ec866f7db273697e76c337c390f9 < 8d6bbaada2e0a65f9012ac4c2506460160e7237aaffected
LinuxLinux2.6.37affected
LinuxLinux0 < 2.6.37unaffected
LinuxLinux5.10.150 <= 5.10.*unaffected
LinuxLinux5.15.75 <= 5.15.*unaffected
LinuxLinux5.19.17 <= 5.19.*unaffected
LinuxLinux6.0.3 <= 6.0.*unaffected
LinuxLinux6.1 <= *unaffected

Weaknesses

References