CVE-2024-57875 (GCVE-0-2024-57875)

Vulnerability from cvelistv5 – Published: 2025-01-11 14:49 – Updated: 2025-05-04 10:05
VLAI?
Summary
In the Linux kernel, the following vulnerability has been resolved: block: RCU protect disk->conv_zones_bitmap Ensure that a disk revalidation changing the conventional zones bitmap of a disk does not cause invalid memory references when using the disk_zone_is_conv() helper by RCU protecting the disk->conv_zones_bitmap pointer. disk_zone_is_conv() is modified to operate under the RCU read lock and the function disk_set_conv_zones_bitmap() is added to update a disk conv_zones_bitmap pointer using rcu_replace_pointer() with the disk zone_wplugs_lock spinlock held. disk_free_zone_resources() is modified to call disk_update_zone_resources() with a NULL bitmap pointer to free the disk conv_zones_bitmap. disk_set_conv_zones_bitmap() is also used in disk_update_zone_resources() to set the new (revalidated) bitmap and free the old one.
Severity ?
No CVSS data available.
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < 493326c4f10cc71a42c27fdc97ce112182ee4cbc (git)
Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < d7cb6d7414ea1b33536fa6d11805cb8dceec1f97 (git)
Create a notification for this product.
    Linux Linux Unaffected: 6.12.5 , ≤ 6.12.* (semver)
Unaffected: 6.13 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "block/blk-zoned.c",
            "include/linux/blkdev.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "493326c4f10cc71a42c27fdc97ce112182ee4cbc",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "d7cb6d7414ea1b33536fa6d11805cb8dceec1f97",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "block/blk-zoned.c",
            "include/linux/blkdev.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.5",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.13",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: RCU protect disk-\u003econv_zones_bitmap\n\nEnsure that a disk revalidation changing the conventional zones bitmap\nof a disk does not cause invalid memory references when using the\ndisk_zone_is_conv() helper by RCU protecting the disk-\u003econv_zones_bitmap\npointer.\n\ndisk_zone_is_conv() is modified to operate under the RCU read lock and\nthe function disk_set_conv_zones_bitmap() is added to update a disk\nconv_zones_bitmap pointer using rcu_replace_pointer() with the disk\nzone_wplugs_lock spinlock held.\n\ndisk_free_zone_resources() is modified to call\ndisk_update_zone_resources() with a NULL bitmap pointer to free the disk\nconv_zones_bitmap. disk_set_conv_zones_bitmap() is also used in\ndisk_update_zone_resources() to set the new (revalidated) bitmap and\nfree the old one."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-04T10:05:37.175Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/493326c4f10cc71a42c27fdc97ce112182ee4cbc"
        },
        {
          "url": "https://git.kernel.org/stable/c/d7cb6d7414ea1b33536fa6d11805cb8dceec1f97"
        }
      ],
      "title": "block: RCU protect disk-\u003econv_zones_bitmap",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-57875",
    "datePublished": "2025-01-11T14:49:01.655Z",
    "dateReserved": "2025-01-11T14:45:42.023Z",
    "dateUpdated": "2025-05-04T10:05:37.175Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "descriptions": "[{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nblock: RCU protect disk-\u003econv_zones_bitmap\\n\\nEnsure that a disk revalidation changing the conventional zones bitmap\\nof a disk does not cause invalid memory references when using the\\ndisk_zone_is_conv() helper by RCU protecting the disk-\u003econv_zones_bitmap\\npointer.\\n\\ndisk_zone_is_conv() is modified to operate under the RCU read lock and\\nthe function disk_set_conv_zones_bitmap() is added to update a disk\\nconv_zones_bitmap pointer using rcu_replace_pointer() with the disk\\nzone_wplugs_lock spinlock held.\\n\\ndisk_free_zone_resources() is modified to call\\ndisk_update_zone_resources() with a NULL bitmap pointer to free the disk\\nconv_zones_bitmap. disk_set_conv_zones_bitmap() is also used in\\ndisk_update_zone_resources() to set the new (revalidated) bitmap and\\nfree the old one.\"}]",
      "id": "CVE-2024-57875",
      "lastModified": "2025-01-11T15:15:07.803",
      "published": "2025-01-11T15:15:07.803",
      "references": "[{\"url\": \"https://git.kernel.org/stable/c/493326c4f10cc71a42c27fdc97ce112182ee4cbc\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/d7cb6d7414ea1b33536fa6d11805cb8dceec1f97\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]",
      "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "vulnStatus": "Received"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-57875\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-01-11T15:15:07.803\",\"lastModified\":\"2025-10-17T15:27:09.940\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nblock: RCU protect disk-\u003econv_zones_bitmap\\n\\nEnsure that a disk revalidation changing the conventional zones bitmap\\nof a disk does not cause invalid memory references when using the\\ndisk_zone_is_conv() helper by RCU protecting the disk-\u003econv_zones_bitmap\\npointer.\\n\\ndisk_zone_is_conv() is modified to operate under the RCU read lock and\\nthe function disk_set_conv_zones_bitmap() is added to update a disk\\nconv_zones_bitmap pointer using rcu_replace_pointer() with the disk\\nzone_wplugs_lock spinlock held.\\n\\ndisk_free_zone_resources() is modified to call\\ndisk_update_zone_resources() with a NULL bitmap pointer to free the disk\\nconv_zones_bitmap. disk_set_conv_zones_bitmap() is also used in\\ndisk_update_zone_resources() to set the new (revalidated) bitmap and\\nfree the old one.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bloque: RCU protege disk-\u0026gt;conv_zones_bitmap Aseg\u00farese de que una revalidaci\u00f3n de disco que cambia el mapa de bits de las zonas convencionales de un disco no cause referencias de memoria no v\u00e1lidas cuando se usa el asistente disk_zone_is_conv() mediante la protecci\u00f3n por RCU del puntero disk-\u0026gt;conv_zones_bitmap. disk_zone_is_conv() se modifica para que funcione bajo el bloqueo de lectura de RCU y se agrega la funci\u00f3n disk_set_conv_zones_bitmap() para actualizar un puntero conv_zones_bitmap de disco usando rcu_replace_pointer() con el bloqueo giratorio zone_wplugs_lock de disco retenido. disk_free_zone_resources() se modifica para llamar a disk_update_zone_resources() con un puntero de mapa de bits NULL para liberar el disco conv_zones_bitmap. disk_set_conv_zones_bitmap() tambi\u00e9n se utiliza en disk_update_zone_resources() para establecer el nuevo mapa de bits (revalidado) y liberar el antiguo.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"},{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.12.5\",\"matchCriteriaId\":\"75E05E0A-C898-433A-8E50-6D9EC8646A64\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/493326c4f10cc71a42c27fdc97ce112182ee4cbc\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/d7cb6d7414ea1b33536fa6d11805cb8dceec1f97\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.