{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-50270", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-10-21T19:36:19.982Z", "datePublished": "2024-11-19T01:30:08.406Z", "dateUpdated": "2025-05-04T09:50:24.441Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T09:50:24.441Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/damon/core: avoid overflow in damon_feed_loop_next_input()\n\ndamon_feed_loop_next_input() is inefficient and fragile to overflows. \nSpecifically, 'score_goal_diff_bp' calculation can overflow when 'score'\nis high. The calculation is actually unnecessary at all because 'goal' is\na constant of value 10,000. Calculation of 'compensation' is again\nfragile to overflow. Final calculation of return value for under-achiving\ncase is again fragile to overflow when the current score is\nunder-achieving the target.\n\nAdd two corner cases handling at the beginning of the function to make the\nbody easier to read, and rewrite the body of the function to avoid\noverflows and the unnecessary bp value calcuation."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["mm/damon/core.c"], "versions": [{"version": "9294a037c01564786abb15436529fae3863268a2", "lessThan": "2d339a1f0f16ff5dea58e612ff336f0be0d041e9", "status": "affected", "versionType": "git"}, {"version": "9294a037c01564786abb15436529fae3863268a2", "lessThan": "4401e9d10ab0281a520b9f8c220f30f60b5c248f", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["mm/damon/core.c"], "versions": [{"version": "6.8", "status": "affected"}, {"version": "0", "lessThan": "6.8", "status": "unaffected", "versionType": "semver"}, {"version": "6.11.8", "lessThanOrEqual": "6.11.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.8", "versionEndExcluding": "6.11.8"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.8", "versionEndExcluding": "6.12"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/2d339a1f0f16ff5dea58e612ff336f0be0d041e9"}, {"url": "https://git.kernel.org/stable/c/4401e9d10ab0281a520b9f8c220f30f60b5c248f"}], "title": "mm/damon/core: avoid overflow in damon_feed_loop_next_input()", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "24AB354E-701F-4D6C-8B18-A0BBA5C21C30", "versionEndExcluding": "6.11.8", "versionStartIncluding": "6.8", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*", "matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*", "matchCriteriaId": "3C95E234-D335-4B6C-96BF-E2CEBD8654ED", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*", "matchCriteriaId": "E0F717D8-3014-4F84-8086-0124B2111379", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc5:*:*:*:*:*:*", "matchCriteriaId": "24DBE6C7-2AAE-4818-AED2-E131F153D2FA", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc6:*:*:*:*:*:*", "matchCriteriaId": "24B88717-53F5-42AA-9B72-14C707639E3F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/damon/core: avoid overflow in damon_feed_loop_next_input()\n\ndamon_feed_loop_next_input() is inefficient and fragile to overflows. \nSpecifically, 'score_goal_diff_bp' calculation can overflow when 'score'\nis high. The calculation is actually unnecessary at all because 'goal' is\na constant of value 10,000. Calculation of 'compensation' is again\nfragile to overflow. Final calculation of return value for under-achiving\ncase is again fragile to overflow when the current score is\nunder-achieving the target.\n\nAdd two corner cases handling at the beginning of the function to make the\nbody easier to read, and rewrite the body of the function to avoid\noverflows and the unnecessary bp value calcuation."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mm/damon/core: evitar desbordamientos en damon_feed_loop_next_input() damon_feed_loop_next_input() es ineficiente y fr\u00e1gil a desbordamientos. Espec\u00edficamente, el c\u00e1lculo de 'score_goal_diff_bp' puede desbordarse cuando 'score' es alto. El c\u00e1lculo es realmente innecesario en absoluto porque 'goal' es una constante de valor 10,000. El c\u00e1lculo de 'compensaci\u00f3n' es nuevamente fr\u00e1gil a desbordamientos. El c\u00e1lculo final del valor de retorno para el caso de bajo rendimiento es nuevamente fr\u00e1gil a desbordamientos cuando el puntaje actual no alcanza el objetivo. Agregue dos casos extremos de manejo al comienzo de la funci\u00f3n para hacer que el cuerpo sea m\u00e1s f\u00e1cil de leer y reescriba el cuerpo de la funci\u00f3n para evitar desbordamientos y el c\u00e1lculo innecesario del valor bp."}], "id": "CVE-2024-50270", "lastModified": "2024-11-26T22:38:18.377", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-11-19T02:16:29.033", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/2d339a1f0f16ff5dea58e612ff336f0be0d041e9"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/4401e9d10ab0281a520b9f8c220f30f60b5c248f"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-190"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: mm/damon/core: avoid overflow in damon_feed_loop_next_input()", "id": "2327204", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2327204"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-190", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nmm/damon/core: avoid overflow in damon_feed_loop_next_input()\ndamon_feed_loop_next_input() is inefficient and fragile to overflows. \nSpecifically, 'score_goal_diff_bp' calculation can overflow when 'score'\nis high. The calculation is actually unnecessary at all because 'goal' is\na constant of value 10,000. Calculation of 'compensation' is again\nfragile to overflow. Final calculation of return value for under-achiving\ncase is again fragile to overflow when the current score is\nunder-achieving the target.\nAdd two corner cases handling at the beginning of the function to make the\nbody easier to read, and rewrite the body of the function to avoid\noverflows and the unnecessary bp value calcuation."], "name": "CVE-2024-50270", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-11-19T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-50270\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-50270\nhttps://lore.kernel.org/linux-cve-announce/2024111927-CVE-2024-50270-473a@gregkh/T"], "threat_severity": "Low"}

{}