5.5

CVE-2024-42316

mm/mglru: fix div-by-zero in vmpressure_calc_level()

In the Linux kernel, the following vulnerability has been resolved:

mm/mglru: fix div-by-zero in vmpressure_calc_level()

evict_folios() uses a second pass to reclaim folios that have gone through
page writeback and become clean before it finishes the first pass, since
folio_rotate_reclaimable() cannot handle those folios due to the
isolation.

The second pass tries to avoid potential double counting by deducting
scan_control->nr_scanned.  However, this can result in underflow of
nr_scanned, under a condition where shrink_folio_list() does not increment
nr_scanned, i.e., when folio_trylock() fails.

The underflow can cause the divisor, i.e., scale=scanned+reclaimed in
vmpressure_calc_level(), to become zero, resulting in the following crash:

  [exception RIP: vmpressure_work_fn+101]
  process_one_work at ffffffffa3313f2b

Since scan_control->nr_scanned has no established semantics, the potential
double counting has minimal risks.  Therefore, fix the problem by not
deducting scan_control->nr_scanned in evict_folios().
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 6.1 < 6.1.103
LinuxLinux Kernel Version >= 6.2 < 6.6.44
LinuxLinux Kernel Version >= 6.7 < 6.10.3
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.21% 0.11
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-369 Divide By Zero

The product divides a value by zero.

https://git.kernel.org/stable/c/8b671fe1a879923ecfb72dda6caf01460dd885ef
Patch
https://git.kernel.org/stable/c/8de7bf77f21068a5f602bb1e59adbc5ab533509d
Patch
https://git.kernel.org/stable/c/a39e38be632f0e1c908d70d1c9cd071c03faf895
Patch
https://git.kernel.org/stable/c/d6510f234c7d117790397f9bb150816b0a954a04
Patch
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html