CVE-2024-42102

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to a potential integer overflow in the dirty throttling logic of the Linux kernel's mm/writeback component. This logic assumes that dirty limits in page units fit into 32-bits. The problem arises when the removed (u64) cast from the multiplication introduces a multiplication overflow on 32-bit architectures if wb thresh * bg thresh >= 1<<32, which can occur with default settings and 4GB of RAM. Additionally, the use of div64 u64() is unnecessarily expensive on 32-bit architectures, and div64 ul() can be used instead for safety and efficiency. If dirty thresholds exceed 1<<32 pages, dirty balancing may fail in multiple ways, making the fix for one possible overflow moot.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.