PT-2024-29801 · Linux+1 · Linux Kernel+1
Published: 2024-07-10 · Updated: 2024-08-09 · CVE-2024-42242
CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
The issue arises from a change in how the maximum segment size is handled, specifically in the sdhci component. The function blk_queue_max_segment_size() ensures that the maximum size is at least equal to PAGE_SIZE, whereas blk_validate_limits() returns an error if the maximum segment size is less than PAGE_SIZE. This change exposed a problem where sdhci was setting the maximum segment size too low in certain circumstances. The fix involves correcting the maximum segment size when it is set too low.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Allocation of Resources Without Limits
Related Identifiers
Affected Products
Astra Linux
Linux Kernel