Vulnerability Details : CVE-2024-36917
In the Linux kernel, the following vulnerability has been resolved:
block: fix overflow in blk_ioctl_discard()
There is no check for overflow of 'start + len' in blk_ioctl_discard().
A hung task occurs if a discard ioctl is submitted with the following params:
start = 0x80000000000ff000, len = 0x8000000000fff000;
Add the overflow validation now.
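The wraparound described above, as an added user-space example (not the kernel's code or the upstream patch): with the two values from the description, the 64-bit sum wraps to a small number, so a plain `start + len` bound check accepts the range. The 1 GiB device size and all function names are assumptions made for illustration; `__builtin_add_overflow` is the GCC/Clang builtin.

```c
#include <inttypes.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed device size (1 GiB); an assumption for this example. */
#define DEV_BYTES (1ULL << 30)

/* The end offset an unchecked comparison actually sees (mod 2^64). */
static uint64_t wrapped_end(uint64_t start, uint64_t len)
{
    return start + len;
}

/* Bound check without overflow validation: a wrapped sum looks in range. */
static bool range_ok_unchecked(uint64_t start, uint64_t len, uint64_t dev_bytes)
{
    return !(start + len > dev_bytes);
}

/* Hardened form: reject if the addition overflows, then bound the end. */
static bool range_ok_checked(uint64_t start, uint64_t len, uint64_t dev_bytes)
{
    uint64_t end;

    if (__builtin_add_overflow(start, len, &end))
        return false;
    return end <= dev_bytes;
}

int main(void)
{
    /* Values quoted in the CVE description; both are sector-aligned,
     * so an alignment check alone would not reject them. */
    const uint64_t start = 0x80000000000ff000ULL;
    const uint64_t len   = 0x8000000000fff000ULL;

    printf("wrapped end : 0x%" PRIx64 "\n", wrapped_end(start, len));
    printf("unchecked   : %s\n",
           range_ok_unchecked(start, len, DEV_BYTES) ? "accepted" : "rejected");
    printf("checked     : %s\n",
           range_ok_checked(start, len, DEV_BYTES) ? "accepted" : "rejected");
    return 0;
}
```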
Exploit prediction scoring system (EPSS) score for CVE-2024-36917
0.13%: Probability of exploitation activity in the next 30 days
~ 34 %: Percentile, the proportion of vulnerabilities that are scored at or less
References for CVE-2024-36917
- https://git.kernel.org/stable/c/e1d38cde2b7b0fbd1c48082e7a98c37d750af59b
  block: fix overflow in blk_ioctl_discard() - kernel/git/stable/linux.git - Linux kernel stable tree
- https://git.kernel.org/stable/c/0842ddd83939eb4db940b9af7d39e79722bc41aa
  block: fix integer overflow in BLKSECDISCARD - kernel/git/stable/linux.git - Linux kernel stable tree
- https://git.kernel.org/stable/c/8a26198186e97ee5fc4b42fde82629cff8c75cd6
  block: fix overflow in blk_ioctl_discard() - kernel/git/stable/linux.git - Linux kernel stable tree
- https://git.kernel.org/stable/c/22d24a544b0d49bbcbd61c8c0eaf77d3c9297155
  block: fix overflow in blk_ioctl_discard() - kernel/git/stable/linux.git - Linux kernel stable tree
- https://git.kernel.org/stable/c/6c9915fa9410cbb9bd75ee283c03120046c56d3d
  block: fix integer overflow in BLKSECDISCARD - kernel/git/stable/linux.git - Linux kernel stable tree
- https://git.kernel.org/stable/c/507d526a98c355e6f3fb2c47aacad44a69784bee
  block: fix overflow in blk_ioctl_discard() - kernel/git/stable/linux.git - Linux kernel stable tree