GHSA-6WCV-9326-M4QG
Vulnerability from github – Published: 2025-12-09 03:31 – Updated: 2025-12-09 03:31In the Linux kernel, the following vulnerability has been resolved:
blk-iocost: fix divide by 0 error in calc_lcoefs()
echo max of u64 to cost.model can cause divide by 0 error.
# echo 8:0 rbps=18446744073709551615 > /sys/fs/cgroup/io.cost.model
divide error: 0000 [#1] PREEMPT SMP RIP: 0010:calc_lcoefs+0x4c/0xc0 Call Trace: ioc_refresh_params+0x2b3/0x4f0 ioc_cost_model_write+0x3cb/0x4c0 ? _copy_from_iter+0x6d/0x6c0 ? kernfs_fop_write_iter+0xfc/0x270 cgroup_file_write+0xa0/0x200 kernfs_fop_write_iter+0x17d/0x270 vfs_write+0x414/0x620 ksys_write+0x73/0x160 __x64_sys_write+0x1e/0x30 do_syscall_64+0x35/0x80 entry_SYSCALL_64_after_hwframe+0x63/0xcd
calc_lcoefs() uses the input value of cost.model in DIV_ROUND_UP_ULL, overflow would happen if bps plus IOC_PAGE_SIZE is greater than ULLONG_MAX, it can cause divide by 0 error.
Fix the problem by setting basecost
{
"affected": [],
"aliases": [
"CVE-2023-53783"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-12-09T01:16:49Z",
"severity": null
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-iocost: fix divide by 0 error in calc_lcoefs()\n\necho max of u64 to cost.model can cause divide by 0 error.\n\n # echo 8:0 rbps=18446744073709551615 \u003e /sys/fs/cgroup/io.cost.model\n\n divide error: 0000 [#1] PREEMPT SMP\n RIP: 0010:calc_lcoefs+0x4c/0xc0\n Call Trace:\n \u003cTASK\u003e\n ioc_refresh_params+0x2b3/0x4f0\n ioc_cost_model_write+0x3cb/0x4c0\n ? _copy_from_iter+0x6d/0x6c0\n ? kernfs_fop_write_iter+0xfc/0x270\n cgroup_file_write+0xa0/0x200\n kernfs_fop_write_iter+0x17d/0x270\n vfs_write+0x414/0x620\n ksys_write+0x73/0x160\n __x64_sys_write+0x1e/0x30\n do_syscall_64+0x35/0x80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\ncalc_lcoefs() uses the input value of cost.model in DIV_ROUND_UP_ULL,\noverflow would happen if bps plus IOC_PAGE_SIZE is greater than\nULLONG_MAX, it can cause divide by 0 error.\n\nFix the problem by setting basecost",
"id": "GHSA-6wcv-9326-m4qg",
"modified": "2025-12-09T03:31:10Z",
"published": "2025-12-09T03:31:10Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53783"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3538ade9d8c2ba41088e395de916f2599fadba8f"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/6e291810fe83a384700eb24a1f714966391ed562"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/984af1e66b4126cf145153661cc24c213e2ec231"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9e8bf9f95f7a299fa9ea45b678d001806ad5e12c"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b96d7b4a9745fbd0c8384608ceb1f50415e862fa"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/bf8eb1fd6110871e6232e8e7efe399276ef7e6f6"
}
],
"schema_version": "1.4.0",
"severity": []
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.