{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-42131", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-07-29T15:50:41.186Z", "datePublished": "2024-07-30T07:46:26.872Z", "dateUpdated": "2024-11-05T09:38:00.249Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:38:00.249Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: avoid overflows in dirty throttling logic\n\nThe dirty throttling logic is interspersed with assumptions that dirty\nlimits in PAGE_SIZE units fit into 32-bit (so that various multiplications\nfit into 64-bits). If limits end up being larger, we will hit overflows,\npossible divisions by 0 etc. Fix these problems by never allowing so\nlarge dirty limits as they have dubious practical value anyway. For\ndirty_bytes / dirty_background_bytes interfaces we can just refuse to set\nso large limits. For dirty_ratio / dirty_background_ratio it isn't so\nsimple as the dirty limit is computed from the amount of available memory\nwhich can change due to memory hotplug etc. So when converting dirty\nlimits from ratios to numbers of pages, we just don't allow the result to\nexceed UINT_MAX.\n\nThis is root-only triggerable problem which occurs when the operator\nsets dirty limits to >16 TB."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["mm/page-writeback.c"], "versions": [{"version": "1da177e4c3f4", "lessThan": "2b2d2b8766db", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "4d3817b64eda", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "7a49389771ae", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "a25e85361845", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "c83ed422c24f", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "bd16a7ee339a", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "8e0b5e7f2895", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "385d838df280", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["mm/page-writeback.c"], "versions": [{"version": "4.19.320", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.282", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.222", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.163", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.98", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.39", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9.9", "lessThanOrEqual": "6.9.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.10", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/2b2d2b8766db028bd827af34075f221ae9e9efff"}, {"url": "https://git.kernel.org/stable/c/4d3817b64eda07491bdd86a234629fe0764fb42a"}, {"url": "https://git.kernel.org/stable/c/7a49389771ae7666f4dc3426e2a4594bf23ae290"}, {"url": "https://git.kernel.org/stable/c/a25e8536184516b55ef89ab91dd2eea429de28d2"}, {"url": "https://git.kernel.org/stable/c/c83ed422c24f0d4b264f89291d4fabe285f80dbc"}, {"url": "https://git.kernel.org/stable/c/bd16a7ee339aef3ee4c90cb23902afb6af379ea0"}, {"url": "https://git.kernel.org/stable/c/8e0b5e7f2895eccef5c2a0018b589266f90c4805"}, {"url": "https://git.kernel.org/stable/c/385d838df280eba6c8680f9777bfa0d0bfe7e8b2"}], "title": "mm: avoid overflows in dirty throttling logic", "x_generator": {"engine": "bippy-9e1c9544281a"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:54:32.385Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/7a49389771ae7666f4dc3426e2a4594bf23ae290", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a25e8536184516b55ef89ab91dd2eea429de28d2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c83ed422c24f0d4b264f89291d4fabe285f80dbc", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/bd16a7ee339aef3ee4c90cb23902afb6af379ea0", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/8e0b5e7f2895eccef5c2a0018b589266f90c4805", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/385d838df280eba6c8680f9777bfa0d0bfe7e8b2", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-42131", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:16:25.346003Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:34:36.512Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/7a49389771ae7666f4dc3426e2a4594bf23ae290", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a25e8536184516b55ef89ab91dd2eea429de28d2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c83ed422c24f0d4b264f89291d4fabe285f80dbc", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/bd16a7ee339aef3ee4c90cb23902afb6af379ea0", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/8e0b5e7f2895eccef5c2a0018b589266f90c4805", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/385d838df280eba6c8680f9777bfa0d0bfe7e8b2", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:54:32.385Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-42131", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:16:25.346003Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:24.752Z"}}], "cna": {"title": "mm: avoid overflows in dirty throttling logic", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "1da177e4c3f4", "lessThan": "2b2d2b8766db", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "4d3817b64eda", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "7a49389771ae", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "a25e85361845", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "c83ed422c24f", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "bd16a7ee339a", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "8e0b5e7f2895", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "385d838df280", "versionType": "git"}], "programFiles": ["mm/page-writeback.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "unaffected", "version": "4.19.320", "versionType": "semver", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.282", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.222", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.163", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.98", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.39", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.9.9", "versionType": "semver", "lessThanOrEqual": "6.9.*"}, {"status": "unaffected", "version": "6.10", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["mm/page-writeback.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/2b2d2b8766db028bd827af34075f221ae9e9efff"}, {"url": "https://git.kernel.org/stable/c/4d3817b64eda07491bdd86a234629fe0764fb42a"}, {"url": "https://git.kernel.org/stable/c/7a49389771ae7666f4dc3426e2a4594bf23ae290"}, {"url": "https://git.kernel.org/stable/c/a25e8536184516b55ef89ab91dd2eea429de28d2"}, {"url": "https://git.kernel.org/stable/c/c83ed422c24f0d4b264f89291d4fabe285f80dbc"}, {"url": "https://git.kernel.org/stable/c/bd16a7ee339aef3ee4c90cb23902afb6af379ea0"}, {"url": "https://git.kernel.org/stable/c/8e0b5e7f2895eccef5c2a0018b589266f90c4805"}, {"url": "https://git.kernel.org/stable/c/385d838df280eba6c8680f9777bfa0d0bfe7e8b2"}], "x_generator": {"engine": "bippy-9e1c9544281a"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: avoid overflows in dirty throttling logic\n\nThe dirty throttling logic is interspersed with assumptions that dirty\nlimits in PAGE_SIZE units fit into 32-bit (so that various multiplications\nfit into 64-bits). If limits end up being larger, we will hit overflows,\npossible divisions by 0 etc. Fix these problems by never allowing so\nlarge dirty limits as they have dubious practical value anyway. For\ndirty_bytes / dirty_background_bytes interfaces we can just refuse to set\nso large limits. For dirty_ratio / dirty_background_ratio it isn't so\nsimple as the dirty limit is computed from the amount of available memory\nwhich can change due to memory hotplug etc. So when converting dirty\nlimits from ratios to numbers of pages, we just don't allow the result to\nexceed UINT_MAX.\n\nThis is root-only triggerable problem which occurs when the operator\nsets dirty limits to >16 TB."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:38:00.249Z"}}}, "cveMetadata": {"cveId": "CVE-2024-42131", "state": "PUBLISHED", "dateUpdated": "2024-11-05T09:38:00.249Z", "dateReserved": "2024-07-29T15:50:41.186Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-07-30T07:46:26.872Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "0B4EF915-550B-45E5-B2CA-648FEACD60FC", "versionEndExcluding": "4.19.320", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "A8961D98-9ACF-4188-BA88-44038B14BC28", "versionEndExcluding": "5.4.282", "versionStartIncluding": "4.20", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "00696AC5-EE29-437F-97F9-C4D66608B327", "versionEndExcluding": "5.10.222", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "A97DEB09-4927-40F8-B5C6-F5BD5EAE0CFD", "versionEndExcluding": "5.15.163", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E09E92A5-27EF-40E4-926A-B1CDC8270551", "versionEndExcluding": "6.1.98", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "29E894E4-668F-4DB0-81F7-4FB5F698E970", "versionEndExcluding": "6.6.39", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "ADCC1407-0CB3-4C8F-B4C5-07F682CD7085", "versionEndExcluding": "6.9.9", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc1:*:*:*:*:*:*", "matchCriteriaId": "2EBB4392-5FA6-4DA9-9772-8F9C750109FA", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc2:*:*:*:*:*:*", "matchCriteriaId": "331C2F14-12C7-45D5-893D-8C52EE38EA10", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc3:*:*:*:*:*:*", "matchCriteriaId": "3173713D-909A-4DD3-9DD4-1E171EB057EE", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc4:*:*:*:*:*:*", "matchCriteriaId": "79F18AFA-40F7-43F0-BA30-7BDB65F918B9", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc5:*:*:*:*:*:*", "matchCriteriaId": "BD973AA4-A789-49BD-8D57-B2846935D3C7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc6:*:*:*:*:*:*", "matchCriteriaId": "8F3E9E0C-AC3E-4967-AF80-6483E8AB0078", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: avoid overflows in dirty throttling logic\n\nThe dirty throttling logic is interspersed with assumptions that dirty\nlimits in PAGE_SIZE units fit into 32-bit (so that various multiplications\nfit into 64-bits). If limits end up being larger, we will hit overflows,\npossible divisions by 0 etc. Fix these problems by never allowing so\nlarge dirty limits as they have dubious practical value anyway. For\ndirty_bytes / dirty_background_bytes interfaces we can just refuse to set\nso large limits. For dirty_ratio / dirty_background_ratio it isn't so\nsimple as the dirty limit is computed from the amount of available memory\nwhich can change due to memory hotplug etc. So when converting dirty\nlimits from ratios to numbers of pages, we just don't allow the result to\nexceed UINT_MAX.\n\nThis is root-only triggerable problem which occurs when the operator\nsets dirty limits to >16 TB."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mm: evitar desbordamientos en la l\u00f3gica de limitaci\u00f3n sucia La l\u00f3gica de limitaci\u00f3n sucia se entremezcla con suposiciones de que los l\u00edmites sucios en unidades PAGE_SIZE caben en 32 bits (de modo que varias multiplicaciones caben en 64 bits) . Si los l\u00edmites terminan siendo mayores, tendremos desbordamientos, posibles divisiones entre 0, etc. Solucione estos problemas nunca permitiendo l\u00edmites sucios tan grandes, ya que de todos modos tienen un valor pr\u00e1ctico dudoso. Para las interfaces dirty_bytes/dirty_background_bytes podemos simplemente negarnos a establecer l\u00edmites tan grandes. Para dirty_ratio / dirty_background_ratio no es tan simple ya que el l\u00edmite sucio se calcula a partir de la cantidad de memoria disponible que puede cambiar debido a la conexi\u00f3n en caliente de la memoria, etc. Entonces, al convertir l\u00edmites sucios de proporciones a n\u00fameros de p\u00e1ginas, simplemente no permitimos el el resultado excede UINT_MAX. Este es un problema que se puede activar solo desde la ra\u00edz y que ocurre cuando el operador establece l\u00edmites sucios en >16 TB."}], "id": "CVE-2024-42131", "lastModified": "2024-11-21T09:33:40.053", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-07-30T08:15:05.130", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/2b2d2b8766db028bd827af34075f221ae9e9efff"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/385d838df280eba6c8680f9777bfa0d0bfe7e8b2"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/4d3817b64eda07491bdd86a234629fe0764fb42a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/7a49389771ae7666f4dc3426e2a4594bf23ae290"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/8e0b5e7f2895eccef5c2a0018b589266f90c4805"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a25e8536184516b55ef89ab91dd2eea429de28d2"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/bd16a7ee339aef3ee4c90cb23902afb6af379ea0"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/c83ed422c24f0d4b264f89291d4fabe285f80dbc"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/385d838df280eba6c8680f9777bfa0d0bfe7e8b2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/7a49389771ae7666f4dc3426e2a4594bf23ae290"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/8e0b5e7f2895eccef5c2a0018b589266f90c4805"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a25e8536184516b55ef89ab91dd2eea429de28d2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/bd16a7ee339aef3ee4c90cb23902afb6af379ea0"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/c83ed422c24f0d4b264f89291d4fabe285f80dbc"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-190"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2024:7001", "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv", "package": "kernel-rt-0:4.18.0-553.22.1.rt7.363.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-09-24T00:00:00Z"}, {"advisory": "RHSA-2024:7000", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-553.22.1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-09-24T00:00:00Z"}, {"advisory": "RHSA-2024:6567", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-427.35.1.el9_4", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-09-11T00:00:00Z"}, {"advisory": "RHSA-2024:6567", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-427.35.1.el9_4", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-09-11T00:00:00Z"}, {"advisory": "RHSA-2024:6267", "cpe": "cpe:/a:redhat:rhel_eus:9.2", "package": "kernel-0:5.14.0-284.82.1.el9_2", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2024-09-04T00:00:00Z"}, {"advisory": "RHSA-2024:6268", "cpe": "cpe:/a:redhat:rhel_eus:9.2::nfv", "package": "kernel-rt-0:5.14.0-284.82.1.rt14.367.el9_2", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2024-09-04T00:00:00Z"}], "bugzilla": {"description": "kernel: mm: avoid overflows in dirty throttling logic", "id": "2301496", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2301496"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.4", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-190", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nmm: avoid overflows in dirty throttling logic\nThe dirty throttling logic is interspersed with assumptions that dirty\nlimits in PAGE_SIZE units fit into 32-bit (so that various multiplications\nfit into 64-bits). If limits end up being larger, we will hit overflows,\npossible divisions by 0 etc. Fix these problems by never allowing so\nlarge dirty limits as they have dubious practical value anyway. For\ndirty_bytes / dirty_background_bytes interfaces we can just refuse to set\nso large limits. For dirty_ratio / dirty_background_ratio it isn't so\nsimple as the dirty limit is computed from the amount of available memory\nwhich can change due to memory hotplug etc. So when converting dirty\nlimits from ratios to numbers of pages, we just don't allow the result to\nexceed UINT_MAX.\nThis is root-only triggerable problem which occurs when the operator\nsets dirty limits to >16 TB.", "A vulnerability was found in the Linux kernel's memory management subsystem where a lack of proper size checks on dirty limits can lead to situations where large dirty limits end up being larger than 32-bits, resulting in potential overflows and divisions by 0. This can cause memory corruption, system instability, or crashes."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-42131", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-07-30T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-42131\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-42131\nhttps://lore.kernel.org/linux-cve-announce/2024073027-CVE-2024-42131-2f7f@gregkh/T"], "statement": "Red Hat believes this flaw is moderate severity because the privileges necessary to exploit this vulnerability are high, as it requires a user to have elevated permissions to set the dirty page limits.", "threat_severity": "Moderate", "upstream_fix": "kernel 5.10.222, kernel 5.15.163, kernel 6.1.98, kernel 6.6.39, kernel 6.9.9, kernel 6.10"}