We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-36916

blk-iocost: avoid out of bounds shift



Description

In the Linux kernel, the following vulnerability has been resolved: blk-iocost: avoid out of bounds shift UBSAN catches undefined behavior in blk-iocost, where sometimes iocg->delay is shifted right by a number that is too large, resulting in undefined behavior on some architectures. [ 186.556576] ------------[ cut here ]------------ UBSAN: shift-out-of-bounds in block/blk-iocost.c:1366:23 shift exponent 64 is too large for 64-bit type 'u64' (aka 'unsigned long long') CPU: 16 PID: 0 Comm: swapper/16 Tainted: G S E N 6.9.0-0_fbk700_debug_rc2_kbuilder_0_gc85af715cac0 #1 Hardware name: Quanta Twin Lakes MP/Twin Lakes Passive MP, BIOS F09_3A23 12/08/2020 Call Trace: <IRQ> dump_stack_lvl+0x8f/0xe0 __ubsan_handle_shift_out_of_bounds+0x22c/0x280 iocg_kick_delay+0x30b/0x310 ioc_timer_fn+0x2fb/0x1f80 __run_timer_base+0x1b6/0x250 ... Avoid that undefined behavior by simply taking the "delay = 0" branch if the shift is too large. I am not sure what the symptoms of an undefined value delay will be, but I suspect it could be more than a little annoying to debug.

Reserved 2024-05-30 | Published 2024-05-30 | Updated 2024-12-19 | Assigner Linux

Product status

Default status
unaffected

7caa47151ab2e644dd221f741ec7578d9532c9a3 before 62accf6c1d7b433752cb3591bba8967b7a801ad5
affected

7caa47151ab2e644dd221f741ec7578d9532c9a3 before 844fc023e9f14a4fb1de5ae1eaefafd6d69c5fa1
affected

7caa47151ab2e644dd221f741ec7578d9532c9a3 before f6add0a6f78dc6360b822ca4b6f9f2f14174c8ca
affected

7caa47151ab2e644dd221f741ec7578d9532c9a3 before ce0e99cae00e3131872936713b7f55eefd53ab86
affected

7caa47151ab2e644dd221f741ec7578d9532c9a3 before 488dc6808cb8369685f18cee81e88e7052ac153b
affected

7caa47151ab2e644dd221f741ec7578d9532c9a3 before beaa51b36012fad5a4d3c18b88a617aea7a9b96d
affected

Default status
affected

5.4
affected

Any version before 5.4
unaffected

5.10.217
unaffected

5.15.159
unaffected

6.1.91
unaffected

6.6.31
unaffected

6.8.10
unaffected

6.9
unaffected

References

git.kernel.org/...c/62accf6c1d7b433752cb3591bba8967b7a801ad5

git.kernel.org/...c/844fc023e9f14a4fb1de5ae1eaefafd6d69c5fa1

git.kernel.org/...c/f6add0a6f78dc6360b822ca4b6f9f2f14174c8ca

git.kernel.org/...c/ce0e99cae00e3131872936713b7f55eefd53ab86

git.kernel.org/...c/488dc6808cb8369685f18cee81e88e7052ac153b

git.kernel.org/...c/beaa51b36012fad5a4d3c18b88a617aea7a9b96d

cve.org (CVE-2024-36916)

nvd.nist.gov (CVE-2024-36916)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-36916

Support options

Helpdesk Chat, Email, Knowledgebase
Subscribe to our newsletter to learn more about our work.