4.7

CVE-2024-42102

Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again"

In the Linux kernel, the following vulnerability has been resolved:

Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again"

Patch series "mm: Avoid possible overflows in dirty throttling".

Dirty throttling logic assumes dirty limits in page units fit into
32-bits.  This patch series makes sure this is true (see patch 2/2 for
more details).


This patch (of 2):

This reverts commit 9319b647902cbd5cc884ac08a8a6d54ce111fc78.

The commit is broken in several ways.  Firstly, the removed (u64) cast
from the multiplication will introduce a multiplication overflow on 32-bit
archs if wb_thresh * bg_thresh >= 1<<32 (which is actually common - the
default settings with 4GB of RAM will trigger this).  Secondly, the
div64_u64() is unnecessarily expensive on 32-bit archs.  We have
div64_ul() in case we want to be safe & cheap.  Thirdly, if dirty
thresholds are larger than 1<<32 pages, then dirty balancing is going to
blow up in many other spectacular ways anyway so trying to fix one
possible overflow is just moot.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.19.307 < 4.19.318
LinuxLinux Kernel Version >= 5.4.269 < 5.4.280
LinuxLinux Kernel Version >= 5.10.210 < 5.10.222
LinuxLinux Kernel Version >= 5.15.149 < 5.15.163
LinuxLinux Kernel Version >= 6.1.79 < 6.1.98
LinuxLinux Kernel Version >= 6.6.18 < 6.6.39
LinuxLinux Kernel Version >= 6.8 < 6.9.9
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.26% 0.167
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.7 1 3.6
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-369 Divide By Zero

The product divides a value by zero.

https://git.kernel.org/stable/c/000099d71648504fb9c7a4616f92c2b70c3e44ec
Patch
https://git.kernel.org/stable/c/145faa3d03688cbb7bbaaecbd84c01539852942c
Patch
https://git.kernel.org/stable/c/23a28f5f3f6ca1e4184bd0e9631cd0944cf1c807
Patch
https://git.kernel.org/stable/c/253f9ea7e8e53a5176bd80ceb174907b10724c1a
Patch
https://git.kernel.org/stable/c/2820005edae13b140f2d54267d1bd6bb23915f59
Patch
https://git.kernel.org/stable/c/30139c702048f1097342a31302cbd3d478f50c63
Patch
https://git.kernel.org/stable/c/cbbe17a324437c0ff99881a3ee453da45b228a00
Patch
https://git.kernel.org/stable/c/f6620df12cb6bdcad671d269debbb23573502f9d
Patch
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html