We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-36916

blk-iocost: avoid out of bounds shift



AssignerLinux
Reserved2024-05-30
Published2024-05-30
Updated2024-09-05

Description

In the Linux kernel, the following vulnerability has been resolved: blk-iocost: avoid out of bounds shift UBSAN catches undefined behavior in blk-iocost, where sometimes iocg->delay is shifted right by a number that is too large, resulting in undefined behavior on some architectures. [ 186.556576] ------------[ cut here ]------------ UBSAN: shift-out-of-bounds in block/blk-iocost.c:1366:23 shift exponent 64 is too large for 64-bit type 'u64' (aka 'unsigned long long') CPU: 16 PID: 0 Comm: swapper/16 Tainted: G S E N 6.9.0-0_fbk700_debug_rc2_kbuilder_0_gc85af715cac0 #1 Hardware name: Quanta Twin Lakes MP/Twin Lakes Passive MP, BIOS F09_3A23 12/08/2020 Call Trace: <IRQ> dump_stack_lvl+0x8f/0xe0 __ubsan_handle_shift_out_of_bounds+0x22c/0x280 iocg_kick_delay+0x30b/0x310 ioc_timer_fn+0x2fb/0x1f80 __run_timer_base+0x1b6/0x250 ... Avoid that undefined behavior by simply taking the "delay = 0" branch if the shift is too large. I am not sure what the symptoms of an undefined value delay will be, but I suspect it could be more than a little annoying to debug.

Product status

Default status
0x400371fa60

1da177e4c3f4 before 62accf6c1d7b
affected

1da177e4c3f4 before 844fc023e9f1
affected

1da177e4c3f4 before f6add0a6f78d
affected

1da177e4c3f4 before ce0e99cae00e
affected

1da177e4c3f4 before 488dc6808cb8
affected

1da177e4c3f4 before beaa51b36012
affected

Default status
0x400371fb70

5.10.217
unaffected

5.15.159
unaffected

6.1.91
unaffected

6.6.31
unaffected

6.8.10
unaffected

6.9
unaffected

References

https://git.kernel.org/stable/c/62accf6c1d7b433752cb3591bba8967b7a801ad5

https://git.kernel.org/stable/c/844fc023e9f14a4fb1de5ae1eaefafd6d69c5fa1

https://git.kernel.org/stable/c/f6add0a6f78dc6360b822ca4b6f9f2f14174c8ca

https://git.kernel.org/stable/c/ce0e99cae00e3131872936713b7f55eefd53ab86

https://git.kernel.org/stable/c/488dc6808cb8369685f18cee81e88e7052ac153b

https://git.kernel.org/stable/c/beaa51b36012fad5a4d3c18b88a617aea7a9b96d

https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html

cve.org CVE-2024-36916

nvd.nist.gov CVE-2024-36916

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-36916
Subscribe to our newsletter to learn more about our work.