CVE-2024-50270

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: avoid overflow in damon_feed_loop_next_input() damon_feed_loop_next_input() is inefficient and fragile to overflows. Specifically, 'score_goal_diff_bp' calculation can overflow when 'score' is high. The calculation is actually unnecessary at all because 'goal' is a constant of value 10,000. Calculation of 'compensation' is again fragile to overflow. Final calculation of return value for under-achiving case is again fragile to overflow when the current score is under-achieving the target. Add two corner cases handling at the beginning of the function to make the body easier to read, and rewrite the body of the function to avoid overflows and the unnecessary bp value calcuation.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/2d339a1f0f16ff5dea58e612ff336f0be0d041e9	Patch
https://git.kernel.org/stable/c/4401e9d10ab0281a520b9f8c220f30f60b5c248f	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.12:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.12:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.12:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.12:rc4::::::
	cpe:2.3:o:linux:linux_kernel:6.12:rc5::::::
	cpe:2.3:o:linux:linux_kernel:6.12:rc6::::::

History

26 Nov 2024, 22:38

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
CWE		CWE-190
References	~~() https://git.kernel.org/stable/c/2d339a1f0f16ff5dea58e612ff336f0be0d041e9 -~~	() https://git.kernel.org/stable/c/2d339a1f0f16ff5dea58e612ff336f0be0d041e9 - Patch
References	~~() https://git.kernel.org/stable/c/4401e9d10ab0281a520b9f8c220f30f60b5c248f -~~	() https://git.kernel.org/stable/c/4401e9d10ab0281a520b9f8c220f30f60b5c248f - Patch
First Time		Linux linux Kernel Linux
CPE		cpe:2.3:o:linux:linux_kernel:6.12:rc3:::::: cpe:2.3:o:linux:linux_kernel:6.12:rc2:::::: cpe:2.3:o:linux:linux_kernel:6.12:rc1:::::: cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.12:rc4:::::: cpe:2.3:o:linux:linux_kernel:6.12:rc6:::::: cpe:2.3:o:linux:linux_kernel:6.12:rc5::::::

19 Nov 2024, 21:57

Type	Values Removed	Values Added
Summary		(es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mm/damon/core: evitar desbordamientos en damon_feed_loop_next_input() damon_feed_loop_next_input() es ineficiente y frágil a desbordamientos. Específicamente, el cálculo de 'score_goal_diff_bp' puede desbordarse cuando 'score' es alto. El cálculo es realmente innecesario en absoluto porque 'goal' es una constante de valor 10,000. El cálculo de 'compensación' es nuevamente frágil a desbordamientos. El cálculo final del valor de retorno para el caso de bajo rendimiento es nuevamente frágil a desbordamientos cuando el puntaje actual no alcanza el objetivo. Agregue dos casos extremos de manejo al comienzo de la función para hacer que el cuerpo sea más fácil de leer y reescriba el cuerpo de la función para evitar desbordamientos y el cálculo innecesario del valor bp.

19 Nov 2024, 02:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-11-19 02:16

Updated : 2024-11-26 22:38

NVD link : CVE-2024-50270

Mitre link : CVE-2024-50270

CVE.ORG link : CVE-2024-50270

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-190

Integer Overflow or Wraparound

5.5 /10