{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-35925", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-05-17T13:50:33.126Z", "datePublished": "2024-05-19T10:10:35.708Z", "dateUpdated": "2024-08-02T03:21:49.052Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T05:31:20.880Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: prevent division by zero in blk_rq_stat_sum()\n\nThe expression dst->nr_samples + src->nr_samples may\nhave zero value on overflow. It is necessary to add\na check to avoid division by zero.\n\nFound by Linux Verification Center (linuxtesting.org) with Svace."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["block/blk-stat.c"], "versions": [{"version": "1da177e4c3f4", "lessThan": "6a55dab4ac95", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "edd073c78d2b", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "b0cb5564c3e8", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "21e7d72d0cfc", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "512a01da7134", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "5f7fd6aa4c48", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "98ddf2604ade", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "93f52fbeaf4b", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["block/blk-stat.c"], "versions": [{"version": "4.19.312", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.4.274", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.10.215", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.15.155", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.1.86", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.6.27", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.8.6", "lessThanOrEqual": "6.8.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.9", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/6a55dab4ac956deb23690eedd74e70b892a378e7"}, {"url": "https://git.kernel.org/stable/c/edd073c78d2bf48c5b8bf435bbc3d61d6e7c6c14"}, {"url": "https://git.kernel.org/stable/c/b0cb5564c3e8e0ee0a2d28c86fa7f02e82d64c3c"}, {"url": "https://git.kernel.org/stable/c/21e7d72d0cfcbae6042d498ea2e6f395311767f8"}, {"url": "https://git.kernel.org/stable/c/512a01da7134bac8f8b373506011e8aaa3283854"}, {"url": "https://git.kernel.org/stable/c/5f7fd6aa4c4877d77133ea86c14cf256f390b2fe"}, {"url": "https://git.kernel.org/stable/c/98ddf2604ade2d954bf5ec193600d5274a43fd68"}, {"url": "https://git.kernel.org/stable/c/93f52fbeaf4b676b21acfe42a5152620e6770d02"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"}], "title": "block: prevent division by zero in blk_rq_stat_sum()", "x_generator": {"engine": "bippy-a5840b7849dd"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-35925", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-20T15:10:44.680403Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:34:55.338Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:21:49.052Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/6a55dab4ac956deb23690eedd74e70b892a378e7", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/edd073c78d2bf48c5b8bf435bbc3d61d6e7c6c14", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b0cb5564c3e8e0ee0a2d28c86fa7f02e82d64c3c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/21e7d72d0cfcbae6042d498ea2e6f395311767f8", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/512a01da7134bac8f8b373506011e8aaa3283854", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/5f7fd6aa4c4877d77133ea86c14cf256f390b2fe", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/98ddf2604ade2d954bf5ec193600d5274a43fd68", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/93f52fbeaf4b676b21acfe42a5152620e6770d02", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "tags": ["x_transferred"]}]}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-35925", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-20T15:10:44.680403Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T19:01:24.929Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "block: prevent division by zero in blk_rq_stat_sum()", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "1da177e4c3f4", "lessThan": "6a55dab4ac95", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "edd073c78d2b", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "b0cb5564c3e8", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "21e7d72d0cfc", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "512a01da7134", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "5f7fd6aa4c48", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "98ddf2604ade", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "93f52fbeaf4b", "versionType": "git"}], "programFiles": ["block/blk-stat.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "unaffected", "version": "4.19.312", "versionType": "custom", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.274", "versionType": "custom", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.215", "versionType": "custom", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.155", "versionType": "custom", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.86", "versionType": "custom", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.27", "versionType": "custom", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.8.6", "versionType": "custom", "lessThanOrEqual": "6.8.*"}, {"status": "unaffected", "version": "6.9", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["block/blk-stat.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/6a55dab4ac956deb23690eedd74e70b892a378e7"}, {"url": "https://git.kernel.org/stable/c/edd073c78d2bf48c5b8bf435bbc3d61d6e7c6c14"}, {"url": "https://git.kernel.org/stable/c/b0cb5564c3e8e0ee0a2d28c86fa7f02e82d64c3c"}, {"url": "https://git.kernel.org/stable/c/21e7d72d0cfcbae6042d498ea2e6f395311767f8"}, {"url": "https://git.kernel.org/stable/c/512a01da7134bac8f8b373506011e8aaa3283854"}, {"url": "https://git.kernel.org/stable/c/5f7fd6aa4c4877d77133ea86c14cf256f390b2fe"}, {"url": "https://git.kernel.org/stable/c/98ddf2604ade2d954bf5ec193600d5274a43fd68"}, {"url": "https://git.kernel.org/stable/c/93f52fbeaf4b676b21acfe42a5152620e6770d02"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"}], "x_generator": {"engine": "bippy-a5840b7849dd"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: prevent division by zero in blk_rq_stat_sum()\n\nThe expression dst->nr_samples + src->nr_samples may\nhave zero value on overflow. It is necessary to add\na check to avoid division by zero.\n\nFound by Linux Verification Center (linuxtesting.org) with Svace."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T05:31:20.880Z"}}}, "cveMetadata": {"cveId": "CVE-2024-35925", "state": "PUBLISHED", "dateUpdated": "2024-05-29T05:31:20.880Z", "dateReserved": "2024-05-17T13:50:33.126Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-19T10:10:35.708Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: prevent division by zero in blk_rq_stat_sum()\n\nThe expression dst->nr_samples + src->nr_samples may\nhave zero value on overflow. It is necessary to add\na check to avoid division by zero.\n\nFound by Linux Verification Center (linuxtesting.org) with Svace."}, {"lang": "es", "value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bloquear: evitar la divisi\u00f3n por cero en blk_rq_stat_sum() La expresi\u00f3n dst->nr_samples + src->nr_samples puede tener un valor cero en caso de desbordamiento. Es necesario agregar un cheque para evitar la divisi\u00f3n por cero. Encontrado por el Centro de verificaci\u00f3n de Linux (linuxtesting.org) con Svace."}], "id": "CVE-2024-35925", "lastModified": "2024-06-27T13:15:59.470", "metrics": {}, "published": "2024-05-19T11:15:48.720", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/21e7d72d0cfcbae6042d498ea2e6f395311767f8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/512a01da7134bac8f8b373506011e8aaa3283854"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/5f7fd6aa4c4877d77133ea86c14cf256f390b2fe"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/6a55dab4ac956deb23690eedd74e70b892a378e7"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/93f52fbeaf4b676b21acfe42a5152620e6770d02"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/98ddf2604ade2d954bf5ec193600d5274a43fd68"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/b0cb5564c3e8e0ee0a2d28c86fa7f02e82d64c3c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/edd073c78d2bf48c5b8bf435bbc3d61d6e7c6c14"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"affected_release": [{"advisory": "RHSA-2024:5102", "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv", "package": "kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-08-08T00:00:00Z"}, {"advisory": "RHSA-2024:5101", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-553.16.1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-08-08T00:00:00Z"}], "bugzilla": {"description": "kernel: block: prevent division by zero in blk_rq_stat_sum()", "id": "2281752", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281752"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nblock: prevent division by zero in blk_rq_stat_sum()\nThe expression dst->nr_samples + src->nr_samples may\nhave zero value on overflow. It is necessary to add\na check to avoid division by zero.\nFound by Linux Verification Center (linuxtesting.org) with Svace."], "name": "CVE-2024-35925", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Under investigation", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Under investigation", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-19T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-35925\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-35925\nhttps://lore.kernel.org/linux-cve-announce/2024051914-CVE-2024-35925-fa17@gregkh/T"], "threat_severity": "Low", "upstream_fix": "kernel 4.19.312, kernel 5.4.274, kernel 5.10.215, kernel 5.15.155, kernel 6.1.86, kernel 6.6.27, kernel 6.8.6, kernel 6.9"}