{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-57875", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-01-11T14:45:42.023Z", "datePublished": "2025-01-11T14:49:01.655Z", "dateUpdated": "2025-05-04T10:05:37.175Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T10:05:37.175Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: RCU protect disk->conv_zones_bitmap\n\nEnsure that a disk revalidation changing the conventional zones bitmap\nof a disk does not cause invalid memory references when using the\ndisk_zone_is_conv() helper by RCU protecting the disk->conv_zones_bitmap\npointer.\n\ndisk_zone_is_conv() is modified to operate under the RCU read lock and\nthe function disk_set_conv_zones_bitmap() is added to update a disk\nconv_zones_bitmap pointer using rcu_replace_pointer() with the disk\nzone_wplugs_lock spinlock held.\n\ndisk_free_zone_resources() is modified to call\ndisk_update_zone_resources() with a NULL bitmap pointer to free the disk\nconv_zones_bitmap. disk_set_conv_zones_bitmap() is also used in\ndisk_update_zone_resources() to set the new (revalidated) bitmap and\nfree the old one."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["block/blk-zoned.c", "include/linux/blkdev.h"], "versions": [{"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "493326c4f10cc71a42c27fdc97ce112182ee4cbc", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "d7cb6d7414ea1b33536fa6d11805cb8dceec1f97", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["block/blk-zoned.c", "include/linux/blkdev.h"], "versions": [{"version": "6.12.5", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.13", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.12.5"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.13"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/493326c4f10cc71a42c27fdc97ce112182ee4cbc"}, {"url": "https://git.kernel.org/stable/c/d7cb6d7414ea1b33536fa6d11805cb8dceec1f97"}], "title": "block: RCU protect disk->conv_zones_bitmap", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "75E05E0A-C898-433A-8E50-6D9EC8646A64", "versionEndExcluding": "6.12.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: RCU protect disk->conv_zones_bitmap\n\nEnsure that a disk revalidation changing the conventional zones bitmap\nof a disk does not cause invalid memory references when using the\ndisk_zone_is_conv() helper by RCU protecting the disk->conv_zones_bitmap\npointer.\n\ndisk_zone_is_conv() is modified to operate under the RCU read lock and\nthe function disk_set_conv_zones_bitmap() is added to update a disk\nconv_zones_bitmap pointer using rcu_replace_pointer() with the disk\nzone_wplugs_lock spinlock held.\n\ndisk_free_zone_resources() is modified to call\ndisk_update_zone_resources() with a NULL bitmap pointer to free the disk\nconv_zones_bitmap. disk_set_conv_zones_bitmap() is also used in\ndisk_update_zone_resources() to set the new (revalidated) bitmap and\nfree the old one."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bloque: RCU protege disk->conv_zones_bitmap Aseg\u00farese de que una revalidaci\u00f3n de disco que cambia el mapa de bits de las zonas convencionales de un disco no cause referencias de memoria no v\u00e1lidas cuando se usa el asistente disk_zone_is_conv() mediante la protecci\u00f3n por RCU del puntero disk->conv_zones_bitmap. disk_zone_is_conv() se modifica para que funcione bajo el bloqueo de lectura de RCU y se agrega la funci\u00f3n disk_set_conv_zones_bitmap() para actualizar un puntero conv_zones_bitmap de disco usando rcu_replace_pointer() con el bloqueo giratorio zone_wplugs_lock de disco retenido. disk_free_zone_resources() se modifica para llamar a disk_update_zone_resources() con un puntero de mapa de bits NULL para liberar el disco conv_zones_bitmap. disk_set_conv_zones_bitmap() tambi\u00e9n se utiliza en disk_update_zone_resources() para establecer el nuevo mapa de bits (revalidado) y liberar el antiguo."}], "id": "CVE-2024-57875", "lastModified": "2025-10-17T15:27:09.940", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2025-01-11T15:15:07.803", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/493326c4f10cc71a42c27fdc97ce112182ee4cbc"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/d7cb6d7414ea1b33536fa6d11805cb8dceec1f97"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}, {"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: block: RCU protect disk->conv_zones_bitmap", "id": "2337146", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2337146"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.7", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-416", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nblock: RCU protect disk->conv_zones_bitmap\nEnsure that a disk revalidation changing the conventional zones bitmap\nof a disk does not cause invalid memory references when using the\ndisk_zone_is_conv() helper by RCU protecting the disk->conv_zones_bitmap\npointer.\ndisk_zone_is_conv() is modified to operate under the RCU read lock and\nthe function disk_set_conv_zones_bitmap() is added to update a disk\nconv_zones_bitmap pointer using rcu_replace_pointer() with the disk\nzone_wplugs_lock spinlock held.\ndisk_free_zone_resources() is modified to call\ndisk_update_zone_resources() with a NULL bitmap pointer to free the disk\nconv_zones_bitmap. disk_set_conv_zones_bitmap() is also used in\ndisk_update_zone_resources() to set the new (revalidated) bitmap and\nfree the old one."], "name": "CVE-2024-57875", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-01-11T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-57875\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-57875\nhttps://lore.kernel.org/linux-cve-announce/2025011107-CVE-2024-57875-7902@gregkh/T"], "threat_severity": "Moderate"}

{"created": "2025-07-13T21:06:57.864933+00:00", "updated": "2025-07-13T21:06:57.864984+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}