CVE - CVE-2024-42102

CVE-ID
CVE-2024-42102	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again" Patch series "mm: Avoid possible overflows in dirty throttling". Dirty throttling logic assumes dirty limits in page units fit into 32-bits. This patch series makes sure this is true (see patch 2/2 for more details). This patch (of 2): This reverts commit 9319b647902cbd5cc884ac08a8a6d54ce111fc78. The commit is broken in several ways. Firstly, the removed (u64) cast from the multiplication will introduce a multiplication overflow on 32-bit archs if wb_thresh * bg_thresh >= 1<<32 (which is actually common - the default settings with 4GB of RAM will trigger this). Secondly, the div64_u64() is unnecessarily expensive on 32-bit archs. We have div64_ul() in case we want to be safe & cheap. Thirdly, if dirty thresholds are larger than 1<<32 pages, then dirty balancing is going to blow up in many other spectacular ways anyway so trying to fix one possible overflow is just moot.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/000099d71648504fb9c7a4616f92c2b70c3e44ec URL:https://git.kernel.org/stable/c/000099d71648504fb9c7a4616f92c2b70c3e44ec MISC:https://git.kernel.org/stable/c/145faa3d03688cbb7bbaaecbd84c01539852942c URL:https://git.kernel.org/stable/c/145faa3d03688cbb7bbaaecbd84c01539852942c MISC:https://git.kernel.org/stable/c/23a28f5f3f6ca1e4184bd0e9631cd0944cf1c807 URL:https://git.kernel.org/stable/c/23a28f5f3f6ca1e4184bd0e9631cd0944cf1c807 MISC:https://git.kernel.org/stable/c/253f9ea7e8e53a5176bd80ceb174907b10724c1a URL:https://git.kernel.org/stable/c/253f9ea7e8e53a5176bd80ceb174907b10724c1a MISC:https://git.kernel.org/stable/c/2820005edae13b140f2d54267d1bd6bb23915f59 URL:https://git.kernel.org/stable/c/2820005edae13b140f2d54267d1bd6bb23915f59 MISC:https://git.kernel.org/stable/c/30139c702048f1097342a31302cbd3d478f50c63 URL:https://git.kernel.org/stable/c/30139c702048f1097342a31302cbd3d478f50c63 MISC:https://git.kernel.org/stable/c/cbbe17a324437c0ff99881a3ee453da45b228a00 URL:https://git.kernel.org/stable/c/cbbe17a324437c0ff99881a3ee453da45b228a00 MISC:https://git.kernel.org/stable/c/f6620df12cb6bdcad671d269debbb23573502f9d URL:https://git.kernel.org/stable/c/f6620df12cb6bdcad671d269debbb23573502f9d
Assigning CNA
kernel.org
Date Record Created
20240729	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20240729)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)