Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: blk-iocost: avoid out of bounds shift UBSAN catches undefined behavior in blk-iocost, where sometimes iocg->delay is shifted right by a number that is too large, resulting in undefined behavior on some architectures. [ 186.556576] ------------[ cut here ]------------ UBSAN: shift-out-of-bounds in block/blk-iocost.c:1366:23 shift exponent 64 is too large for 64-bit type 'u64' (aka 'unsigned long long') CPU: 16 PID: 0 Comm: swapper/16 Tainted: G S E N 6.9.0-0_fbk700_debug_rc2_kbuilder_0_gc85af715cac0 #1 Hardware name: Quanta Twin Lakes MP/Twin Lakes Passive MP, BIOS F09_3A23 12/08/2020 Call Trace: <IRQ> dump_stack_lvl+0x8f/0xe0 __ubsan_handle_shift_out_of_bounds+0x22c/0x280 iocg_kick_delay+0x30b/0x310 ioc_timer_fn+0x2fb/0x1f80 __run_timer_base+0x1b6/0x250 ... Avoid that undefined behavior by simply taking the "delay = 0" branch if the shift is too large. I am not sure what the symptoms of an undefined value delay will be, but I suspect it could be more than a little annoying to debug.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 5.10, < 5.10.217 |
| Debian | Debian Linux | 10.0 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/488dc6808cb8369685f18cee81e88e7052ac153bPatch
- https://git.kernel.org/stable/c/62accf6c1d7b433752cb3591bba8967b7a801ad5Patch
- https://git.kernel.org/stable/c/844fc023e9f14a4fb1de5ae1eaefafd6d69c5fa1Patch
- https://git.kernel.org/stable/c/beaa51b36012fad5a4d3c18b88a617aea7a9b96dPatch
- https://git.kernel.org/stable/c/ce0e99cae00e3131872936713b7f55eefd53ab86Patch
- https://git.kernel.org/stable/c/f6add0a6f78dc6360b822ca4b6f9f2f14174c8caPatch
- https://git.kernel.org/stable/c/488dc6808cb8369685f18cee81e88e7052ac153bPatch
- https://git.kernel.org/stable/c/62accf6c1d7b433752cb3591bba8967b7a801ad5Patch
- https://git.kernel.org/stable/c/844fc023e9f14a4fb1de5ae1eaefafd6d69c5fa1Patch
- https://git.kernel.org/stable/c/beaa51b36012fad5a4d3c18b88a617aea7a9b96dPatch
- https://git.kernel.org/stable/c/ce0e99cae00e3131872936713b7f55eefd53ab86Patch
- https://git.kernel.org/stable/c/f6add0a6f78dc6360b822ca4b6f9f2f14174c8caPatch
- https://lists.debian.org/debian-lts-announce/2024/06/msg00019.htmlThird Party Advisory
- https://security.netapp.com/advisory/ntap-20240905-0006/Third Party Advisory
- https://cert-portal.siemens.com/productcert/html/ssa-265688.html
FAQ
What is CVE-2024-36916?
CVE-2024-36916 is a vulnerability with a CVSS score of 7.1 (HIGH). In the Linux kernel, the following vulnerability has been resolved: blk-iocost: avoid out of bounds shift UBSAN catches undefined behavior in blk-iocost, where sometimes iocg->delay is shifted right...
How severe is CVE-2024-36916?
CVE-2024-36916 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-36916?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, Debian Debian Linux.