CVE-2024-43890

MEDIUM

Linux Kernel - Integer Overflow in tracing_map next_elt Counter

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix overflow in get_free_elt() "tracing_map->next_elt" in get_free_elt() is at risk of overflowing. Once it overflows, new elements can still be inserted into the tracing_map even though the maximum number of elements (`max_elts`) has been reached. Continuing to insert elements after the overflow could result in the tracing_map containing "tracing_map->max_size" elements, leaving no empty entries. If any attempt is made to insert an element into a full tracing_map using `__tracing_map_insert()`, it will cause an infinite loop with preemption disabled, leading to a CPU hang problem. Fix this by preventing any further increments to "tracing_map->next_elt" once it reaches "tracing_map->max_elt".

References (13)

Core 13
Core References

Scores

CVSS v3 5.5
EPSS 0.0026
EPSS Percentile 16.6%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-190
Status published
Products (27)
linux/Kernel 4.20.0 - 5.4.282linux
linux/Kernel 4.7.0 - 4.19.320linux
linux/Kernel 5.11.0 - 5.15.165linux
linux/Kernel 5.16.0 - 6.1.105linux
linux/Kernel 5.5.0 - 5.10.224linux
linux/Kernel 6.2.0 - 6.6.46linux
linux/Kernel 6.7.0 - 6.10.5linux
Linux/Linux < 4.7
Linux/Linux 08d43a5fa063e03c860f2f391a30c388bcbc948e - 236bb4690773ab6869b40bedc7bc8d889e36f9d6
Linux/Linux 08d43a5fa063e03c860f2f391a30c388bcbc948e - 302ceb625d7b990db205a15e371f9a71238de91c
... and 17 more
Published Aug 26, 2024
Tracked Since Feb 18, 2026