OpenCVE

In the Linux kernel, the following vulnerability has been resolved: block: Fix iterating over an empty bio with bio_for_each_folio_all If the bio contains no data, bio_first_folio() calls page_folio() on a NULL pointer and oopses. Move the test that we've reached the end of the bio from bio_next_folio() to bio_first_folio(). [axboe: add unlikely() to error case]

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/7bed6f3d08b7af27b7015da8dc3acf2b9c1f21d7
https://git.kernel.org/stable/c/a6bd8182137a12d22d3f2cee463271bdcb491659
https://git.kernel.org/stable/c/c6350b5cb78e9024c49eaee6fdb914ad2903a5fe
https://git.kernel.org/stable/c/ca3ede3f5893e2d26d4dbdef1eec28a8487fafde
https://lore.kernel.org/linux-cve-announce/20240318100758.2828621-15-lee@kernel.org/T
https://nvd.nist.gov/vuln/detail/CVE-2024-26632
https://www.cve.org/CVERecord?id=CVE-2024-26632

History

No history.

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-03-18T10:07:48.908Z

Updated: 2024-11-05T09:12:54.769Z

Reserved: 2024-02-19T14:20:24.136Z

Link: CVE-2024-26632

Vulnrichment

Updated: 2024-08-02T00:07:19.786Z

NVD

Status : Awaiting Analysis

Published: 2024-03-18T11:15:09.697

Modified: 2024-11-21T09:02:43.700

Link: CVE-2024-26632

Redhat

Severity : Moderate

Publid Date: 2024-03-18T00:00:00Z

Links: CVE-2024-26632 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-26632", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-19T14:20:24.136Z", "datePublished": "2024-03-18T10:07:48.908Z", "dateUpdated": "2024-11-05T09:12:54.769Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:12:54.769Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: Fix iterating over an empty bio with bio_for_each_folio_all\n\nIf the bio contains no data, bio_first_folio() calls page_folio() on a\nNULL pointer and oopses. Move the test that we've reached the end of\nthe bio from bio_next_folio() to bio_first_folio().\n\n[axboe: add unlikely() to error case]"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["include/linux/bio.h"], "versions": [{"version": "640d1930bef4", "lessThan": "c6350b5cb78e", "status": "affected", "versionType": "git"}, {"version": "640d1930bef4", "lessThan": "a6bd8182137a", "status": "affected", "versionType": "git"}, {"version": "640d1930bef4", "lessThan": "ca3ede3f5893", "status": "affected", "versionType": "git"}, {"version": "640d1930bef4", "lessThan": "7bed6f3d08b7", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["include/linux/bio.h"], "versions": [{"version": "5.17", "status": "affected"}, {"version": "0", "lessThan": "5.17", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.75", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.14", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.7.2", "lessThanOrEqual": "6.7.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/c6350b5cb78e9024c49eaee6fdb914ad2903a5fe"}, {"url": "https://git.kernel.org/stable/c/a6bd8182137a12d22d3f2cee463271bdcb491659"}, {"url": "https://git.kernel.org/stable/c/ca3ede3f5893e2d26d4dbdef1eec28a8487fafde"}, {"url": "https://git.kernel.org/stable/c/7bed6f3d08b7af27b7015da8dc3acf2b9c1f21d7"}], "title": "block: Fix iterating over an empty bio with bio_for_each_folio_all", "x_generator": {"engine": "bippy-9e1c9544281a"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-26632", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-03-18T15:42:33.391380Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:48:29.866Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:07:19.786Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/c6350b5cb78e9024c49eaee6fdb914ad2903a5fe", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a6bd8182137a12d22d3f2cee463271bdcb491659", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ca3ede3f5893e2d26d4dbdef1eec28a8487fafde", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/7bed6f3d08b7af27b7015da8dc3acf2b9c1f21d7", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/c6350b5cb78e9024c49eaee6fdb914ad2903a5fe", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a6bd8182137a12d22d3f2cee463271bdcb491659", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ca3ede3f5893e2d26d4dbdef1eec28a8487fafde", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/7bed6f3d08b7af27b7015da8dc3acf2b9c1f21d7", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:07:19.786Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-26632", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-03-18T15:42:33.391380Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T19:01:18.395Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "block: Fix iterating over an empty bio with bio_for_each_folio_all", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "640d1930bef4", "lessThan": "c6350b5cb78e", "versionType": "git"}, {"status": "affected", "version": "640d1930bef4", "lessThan": "a6bd8182137a", "versionType": "git"}, {"status": "affected", "version": "640d1930bef4", "lessThan": "ca3ede3f5893", "versionType": "git"}, {"status": "affected", "version": "640d1930bef4", "lessThan": "7bed6f3d08b7", "versionType": "git"}], "programFiles": ["include/linux/bio.h"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5.17"}, {"status": "unaffected", "version": "0", "lessThan": "5.17", "versionType": "semver"}, {"status": "unaffected", "version": "6.1.75", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.14", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.7.2", "versionType": "semver", "lessThanOrEqual": "6.7.*"}, {"status": "unaffected", "version": "6.8", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["include/linux/bio.h"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/c6350b5cb78e9024c49eaee6fdb914ad2903a5fe"}, {"url": "https://git.kernel.org/stable/c/a6bd8182137a12d22d3f2cee463271bdcb491659"}, {"url": "https://git.kernel.org/stable/c/ca3ede3f5893e2d26d4dbdef1eec28a8487fafde"}, {"url": "https://git.kernel.org/stable/c/7bed6f3d08b7af27b7015da8dc3acf2b9c1f21d7"}], "x_generator": {"engine": "bippy-9e1c9544281a"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: Fix iterating over an empty bio with bio_for_each_folio_all\n\nIf the bio contains no data, bio_first_folio() calls page_folio() on a\nNULL pointer and oopses. Move the test that we've reached the end of\nthe bio from bio_next_folio() to bio_first_folio().\n\n[axboe: add unlikely() to error case]"}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:12:54.769Z"}}}, "cveMetadata": {"cveId": "CVE-2024-26632", "state": "PUBLISHED", "dateUpdated": "2024-11-05T09:12:54.769Z", "dateReserved": "2024-02-19T14:20:24.136Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-03-18T10:07:48.908Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"bugzilla": {"description": "kernel: block: Fix iterating over an empty bio with bio_for_each_folio_all", "id": "2270131", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270131"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-476", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nblock: Fix iterating over an empty bio with bio_for_each_folio_all\nIf the bio contains no data, bio_first_folio() calls page_folio() on a\nNULL pointer and oopses. Move the test that we've reached the end of\nthe bio from bio_next_folio() to bio_first_folio().\n[axboe: add unlikely() to error case]", "A vulnerability was found in block subsystem of Linux Kernel causing a system crash when iterating an empty bio using bio_for_each_folio_all() function. This occurred because bio_first_folio() called page_folio() on a NULL pointer."], "mitigation": {"lang": "en:us", "value": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible."}, "name": "CVE-2024-26632", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-03-18T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-26632\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-26632\nhttps://lore.kernel.org/linux-cve-announce/20240318100758.2828621-15-lee@kernel.org/T"], "threat_severity": "Moderate", "upstream_fix": "kernel 6.1.75, kernel 6.6.14, kernel 6.7.2, kernel 6.8"}