CVE-2025-39909

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: mm/damon/lru_sort: avoid divide-by-zero in damon_lru_sort_apply_parameters() Patch series "mm/damon: avoid divide-by-zero in DAMON module's parameters application". DAMON's RECLAIM and LRU_SORT modules perform no validation on user-configured parameters during application, which may lead to division-by-zero errors. Avoid the divide-by-zero by adding validation checks when DAMON modules attempt to apply the parameters. This patch (of 2): During the calculation of 'hot_thres' and 'cold_thres', either 'sample_interval' or 'aggr_interval' is used as the divisor, which may lead to division-by-zero errors. Fix it by directly returning -EINVAL when such a case occurs. Additionally, since 'aggr_interval' is already required to be set no smaller than 'sample_interval' in damon_set_attrs(), only the case where 'sample_interval' is zero needs to be checked.

CVSS Score

Affected Products

Related Weaknesses (CWE)

References

• https://git.kernel.org/stable/c/326a4b3750c71af3f3c52399ec4dbe33b6da4c26Patch
• https://git.kernel.org/stable/c/711f19dfd783ffb37ca4324388b9c4cb87e71363Patch
• https://git.kernel.org/stable/c/74e391f7da7d9d5235a3cca88ee9fc18f720c75bPatch
• https://git.kernel.org/stable/c/7bb675c9f0257840d33e5d1337d7e3afdd74a6bfPatch
• https://git.kernel.org/stable/c/af0ae62b935317bed1a1361c8c9579db9d300e70Patch
• https://lists.debian.org/debian-lts-announce/2025/10/msg00008.htmlThird Party Advisory