CVE-2024-42102

Summary

In the Linux kernel, the following vulnerability has been resolved:

Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again"

Patch series "mm: Avoid possible overflows in dirty throttling".

Dirty throttling logic assumes dirty limits in page units fit into 32-bits. This patch series makes sure this is true (see patch 2/2 for more details).

This patch (of 2):

This reverts commit 9319b647902cbd5cc884ac08a8a6d54ce111fc78.

The commit is broken in several ways. Firstly, the removed (u64) cast from the multiplication will introduce a multiplication overflow on 32-bit archs if wb_thresh * bg_thresh >= 1<<32 (which is actually common - the default settings with 4GB of RAM will trigger this). Secondly, the div64_u64() is unnecessarily expensive on 32-bit archs. We have div64_ul() in case we want to be safe & cheap. Thirdly, if dirty thresholds are larger than 1<<32 pages, then dirty balancing is going to blow up in many other spectacular ways anyway so trying to fix one possible overflow is just moot.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxc593d26fb5d577ef31b6e49a31e08ae3ebc1bc1e < 253f9ea7e8e53a5176bd80ceb174907b10724c1aaffected
LinuxLinux1f12e4b3284d6c863f272eb2de0d4248ed211cf4 < 23a28f5f3f6ca1e4184bd0e9631cd0944cf1c807affected
LinuxLinux81e7d2530d458548b90a5c5e76b77ad5e5d1c0df < 145faa3d03688cbb7bbaaecbd84c01539852942caffected
LinuxLinux5099871b370335809c0fd1abad74d9c7c205d43f < 2820005edae13b140f2d54267d1bd6bb23915f59affected
LinuxLinux16b1025eaa8fc223ab4273ece20d1c3a4211a95d < cbbe17a324437c0ff99881a3ee453da45b228a00affected
LinuxLinuxec18ec230301583395576915d274b407743d8f6c < f6620df12cb6bdcad671d269debbb23573502f9daffected
LinuxLinux9319b647902cbd5cc884ac08a8a6d54ce111fc78 < 000099d71648504fb9c7a4616f92c2b70c3e44ecaffected
LinuxLinux9319b647902cbd5cc884ac08a8a6d54ce111fc78 < 30139c702048f1097342a31302cbd3d478f50c63affected
LinuxLinux65977bed167a92e87085e757fffa5798f7314c9faffected
LinuxLinux4.19.307 < 4.19.318affected
LinuxLinux5.4.269 < 5.4.280affected
LinuxLinux5.10.210 < 5.10.222affected
LinuxLinux5.15.149 < 5.15.163affected
LinuxLinux6.1.79 < 6.1.98affected
LinuxLinux6.6.18 < 6.6.39affected
LinuxLinux6.7.6 < 6.8affected
LinuxLinux6.8affected
LinuxLinux0 < 6.8unaffected
LinuxLinux4.19.318 <= 4.19.*unaffected
LinuxLinux5.4.280 <= 5.4.*unaffected
LinuxLinux5.10.222 <= 5.10.*unaffected
LinuxLinux5.15.163 <= 5.15.*unaffected
LinuxLinux6.1.98 <= 6.1.*unaffected
LinuxLinux6.6.39 <= 6.6.*unaffected
LinuxLinux6.9.9 <= 6.9.*unaffected
LinuxLinux6.10 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References