CVE-2024-36917

MEDIUM

Linux Kernel 2.6.28-6.1.90, 6.2.0-6.6.30, 6.7.0-6.8.9 - Integer Overflow in blk_ioctl_discard()

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: block: fix overflow in blk_ioctl_discard() There is no check for overflow of 'start + len' in blk_ioctl_discard(). Hung task occurs if submit an discard ioctl with the following param: start = 0x80000000000ff000, len = 0x8000000000fff000; Add the overflow validation now.

References (4)

Core 4

Core References

Patch

https://git.kernel.org/stable/c/8a26198186e97ee5fc4b42fde82629cff8c75cd6

Patch

https://git.kernel.org/stable/c/e1d38cde2b7b0fbd1c48082e7a98c37d750af59b

Patch

https://git.kernel.org/stable/c/507d526a98c355e6f3fb2c47aacad44a69784bee

Patch

https://git.kernel.org/stable/c/22d24a544b0d49bbcbd61c8c0eaf77d3c9297155

Scores

CVSS v3 5.5

EPSS 0.0022

EPSS Percentile 12.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-190

Status published

Products (15)

linux/Kernel 2.6.28 - 6.1.91linux

linux/Kernel 6.2.0 - 6.6.31linux

linux/Kernel 6.7.0 - 6.8.10linux

Linux/Linux < 2.6.28

Linux/Linux 2.6.28

Linux/Linux 6.1.91 - 6.1.*

Linux/Linux 6.6.31 - 6.6.*

Linux/Linux 6.8.10 - 6.8.*

Linux/Linux 6.9

Linux/Linux d30a2605be9d5132d95944916e8f578fcfe4f976 - 22d24a544b0d49bbcbd61c8c0eaf77d3c9297155

... and 5 more

Published May 30, 2024

Tracked Since Feb 18, 2026