| { |
| "containers": { |
| "cna": { |
| "providerMetadata": { |
| "orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038" |
| }, |
| "descriptions": [ |
| { |
| "lang": "en", |
| "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again\"\n\nPatch series \"mm: Avoid possible overflows in dirty throttling\".\n\nDirty throttling logic assumes dirty limits in page units fit into\n32-bits. This patch series makes sure this is true (see patch 2/2 for\nmore details).\n\n\nThis patch (of 2):\n\nThis reverts commit 9319b647902cbd5cc884ac08a8a6d54ce111fc78.\n\nThe commit is broken in several ways. Firstly, the removed (u64) cast\nfrom the multiplication will introduce a multiplication overflow on 32-bit\narchs if wb_thresh * bg_thresh >= 1<<32 (which is actually common - the\ndefault settings with 4GB of RAM will trigger this). Secondly, the\ndiv64_u64() is unnecessarily expensive on 32-bit archs. We have\ndiv64_ul() in case we want to be safe & cheap. Thirdly, if dirty\nthresholds are larger than 1<<32 pages, then dirty balancing is going to\nblow up in many other spectacular ways anyway so trying to fix one\npossible overflow is just moot." |
| } |
| ], |
| "affected": [ |
| { |
| "product": "Linux", |
| "vendor": "Linux", |
| "defaultStatus": "unaffected", |
| "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", |
| "programFiles": [ |
| "mm/page-writeback.c" |
| ], |
| "versions": [ |
| { |
| "version": "c593d26fb5d577ef31b6e49a31e08ae3ebc1bc1e", |
| "lessThan": "253f9ea7e8e53a5176bd80ceb174907b10724c1a", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "1f12e4b3284d6c863f272eb2de0d4248ed211cf4", |
| "lessThan": "23a28f5f3f6ca1e4184bd0e9631cd0944cf1c807", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "81e7d2530d458548b90a5c5e76b77ad5e5d1c0df", |
| "lessThan": "145faa3d03688cbb7bbaaecbd84c01539852942c", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "5099871b370335809c0fd1abad74d9c7c205d43f", |
| "lessThan": "2820005edae13b140f2d54267d1bd6bb23915f59", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "16b1025eaa8fc223ab4273ece20d1c3a4211a95d", |
| "lessThan": "cbbe17a324437c0ff99881a3ee453da45b228a00", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "ec18ec230301583395576915d274b407743d8f6c", |
| "lessThan": "f6620df12cb6bdcad671d269debbb23573502f9d", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "9319b647902cbd5cc884ac08a8a6d54ce111fc78", |
| "lessThan": "000099d71648504fb9c7a4616f92c2b70c3e44ec", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "9319b647902cbd5cc884ac08a8a6d54ce111fc78", |
| "lessThan": "30139c702048f1097342a31302cbd3d478f50c63", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "65977bed167a92e87085e757fffa5798f7314c9f", |
| "status": "affected", |
| "versionType": "git" |
| } |
| ] |
| }, |
| { |
| "product": "Linux", |
| "vendor": "Linux", |
| "defaultStatus": "affected", |
| "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", |
| "programFiles": [ |
| "mm/page-writeback.c" |
| ], |
| "versions": [ |
| { |
| "version": "6.8", |
| "status": "affected" |
| }, |
| { |
| "version": "0", |
| "lessThan": "6.8", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "4.19.318", |
| "lessThanOrEqual": "4.19.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.4.280", |
| "lessThanOrEqual": "5.4.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.10.222", |
| "lessThanOrEqual": "5.10.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.15.163", |
| "lessThanOrEqual": "5.15.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.1.98", |
| "lessThanOrEqual": "6.1.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.6.39", |
| "lessThanOrEqual": "6.6.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.9.9", |
| "lessThanOrEqual": "6.9.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.10", |
| "lessThanOrEqual": "*", |
| "status": "unaffected", |
| "versionType": "original_commit_for_fix" |
| } |
| ] |
| } |
| ], |
| "cpeApplicability": [ |
| { |
| "nodes": [ |
| { |
| "operator": "OR", |
| "negate": false, |
| "cpeMatch": [ |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "4.19.307", |
| "versionEndExcluding": "4.19.318" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.4.269", |
| "versionEndExcluding": "5.4.280" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.10.210", |
| "versionEndExcluding": "5.10.222" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.15.149", |
| "versionEndExcluding": "5.15.163" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "6.1.79", |
| "versionEndExcluding": "6.1.98" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "6.6.18", |
| "versionEndExcluding": "6.6.39" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "6.8", |
| "versionEndExcluding": "6.9.9" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "6.8", |
| "versionEndExcluding": "6.10" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "6.7.6" |
| } |
| ] |
| } |
| ] |
| } |
| ], |
| "references": [ |
| { |
| "url": "https://git.kernel.org/stable/c/253f9ea7e8e53a5176bd80ceb174907b10724c1a" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/23a28f5f3f6ca1e4184bd0e9631cd0944cf1c807" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/145faa3d03688cbb7bbaaecbd84c01539852942c" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/2820005edae13b140f2d54267d1bd6bb23915f59" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/cbbe17a324437c0ff99881a3ee453da45b228a00" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/f6620df12cb6bdcad671d269debbb23573502f9d" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/000099d71648504fb9c7a4616f92c2b70c3e44ec" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/30139c702048f1097342a31302cbd3d478f50c63" |
| } |
| ], |
| "title": "Revert \"mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again\"", |
| "x_generator": { |
| "engine": "bippy-1.2.0" |
| } |
| } |
| }, |
| "cveMetadata": { |
| "assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038", |
| "cveID": "CVE-2024-42102", |
| "requesterUserId": "gregkh@kernel.org", |
| "serial": "1", |
| "state": "PUBLISHED" |
| }, |
| "dataType": "CVE_RECORD", |
| "dataVersion": "5.0" |
| } |
