PT-2024-10463 · Linux · Linux Kernel
Zach Okeefe · Published 2024-07-30 · Updated 2025-09-29 · CVE-2024-42131
CVSS v3.1: 4.4 (Medium)
Vector: AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
The issue is related to an integer overflow in the dirty throttling logic of the Linux kernel's mm component. This occurs when the operator sets dirty limits to more than 16 TB, causing potential overflows and divisions by zero. The problem is root-only triggerable and can be mitigated by never allowing dirty limits to exceed a certain value. The dirty_bytes, dirty_background_bytes, dirty_ratio, and dirty_background_ratio interfaces are affected, and the issue can be triggered when converting dirty limits from ratios to numbers of pages. The vulnerable functions include domain_dirty_limits(), node_dirty_limit(), dirty_background_bytes_handler(), and dirty_bytes_handler() in mm/page-writeback.c. Exploitation of this issue may allow an attacker to execute arbitrary code.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
DoS
Integer Overflow
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu