PT-2024-6860 · Linux · Linux Kernel
Published 2024-05-15 · Updated 2026-01-12
CVE-2024-42136
CVSS v3.1: 7.8 (High)
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.6.43
Description
The vulnerability is a signed integer overflow in the cdrom_ioctl_timed_media_change() function of the Linux kernel (drivers/cdrom/cdrom.c), the handler for the CDROM_TIMED_MEDIA_CHANGE ioctl. The handler copies a caller-supplied 64-bit timestamp from user space and decided whether the media had changed by computing the difference between that timestamp and the driver's own last-change timestamp and testing whether the result is negative. A crafted timestamp near the minimum value of the type makes that subtraction wrap, so a local caller who can open the device gets an incorrect MEDIA_CHANGED_FLAG. According to the assigned CVSS vector the issue affects confidentiality, integrity and availability; note, however, that the kernel is built with -fno-strict-overflow, so the wrapping subtraction is defined behaviour there, and the observable effect is the wrong flag value (plus a sanitizer report on kernels built with CONFIG_UBSAN_SIGNED_WRAP) rather than memory corruption. The bug was found with syzkaller after the signed-integer-wrap sanitizer was reintroduced in the kernel: UBSAN reported a signed-integer-overflow in drivers/cdrom/cdrom.c. Historically that sanitizer did not work in the kernel because of its interaction with -fwrapv; recent Clang versions changed this behaviour, which is why the report now appears. The fix rearranges the check to compare the two timestamps directly without performing any arithmetic, so it can no longer overflow or trip the sanitizer.
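The following is an added example, not code from the kernel or from the advisory: a user-space model of the media-change check before and after the fix, run on constructed inputs. The struct mirrors the uapi layout of struct cdrom_timed_media_change_info (a signed 64-bit timestamp followed by a 64-bit flags word); the driver-side timestamp value and the set of caller inputs are made up for the demonstration. Because the kernel builds with -fno-strict-overflow, its signed subtraction wraps; the model performs the wrap explicitly in unsigned arithmetic so the result does not depend on the optimisation level of this user-space build.

```c
/*
 * Added example (not kernel code): models the media-change check in
 * cdrom_ioctl_timed_media_change() before and after the CVE-2024-42136 fix.
 * The kernel is built with -fno-strict-overflow, so its signed subtraction
 * wraps; the wrap is modelled here with unsigned arithmetic so the result
 * does not depend on the optimisation level of this user-space build.
 */
#include <stdint.h>
#include <stdio.h>

/* Mirrors the uapi layout of struct cdrom_timed_media_change_info. */
struct timed_media_change_info {
	int64_t  last_media_change; /* in: caller's last seen timestamp (ms); out: driver's */
	uint64_t media_flags;       /* out: MEDIA_CHANGED_FLAG if media changed since then */
};
#define MEDIA_CHANGED_FLAG 0x1ULL

/* Two's-complement wrapping subtraction, what -fno-strict-overflow gives the kernel. */
static int64_t wrap_sub(int64_t a, int64_t b)
{
	return (int64_t)((uint64_t)a - (uint64_t)b);
}

/* Pre-fix logic: "user_last - driver_last_ms < 0". A user value near INT64_MIN
 * wraps the subtraction to a large positive number and the flag is wrongly cleared. */
static uint64_t media_flags_before_fix(int64_t user_last, int64_t driver_last_ms)
{
	uint64_t flags = 0;
	if (wrap_sub(user_last, driver_last_ms) < 0)
		flags |= MEDIA_CHANGED_FLAG;
	return flags;
}

/* Post-fix logic: a plain comparison, no arithmetic, nothing to overflow. */
static uint64_t media_flags_after_fix(int64_t user_last, int64_t driver_last_ms)
{
	uint64_t flags = 0;
	if (driver_last_ms > user_last)
		flags |= MEDIA_CHANGED_FLAG;
	return flags;
}

/* Emulates the ioctl body on an in-memory struct: compute the flag from the
 * caller's timestamp, then hand back the driver's current timestamp. */
static void handle_timed_media_change(struct timed_media_change_info *info,
				      int64_t driver_last_ms, int fixed)
{
	info->media_flags = fixed
		? media_flags_after_fix(info->last_media_change, driver_last_ms)
		: media_flags_before_fix(info->last_media_change, driver_last_ms);
	info->last_media_change = driver_last_ms;
}

int main(void)
{
	/* Constructed value: pretend the driver last saw a media change at t=123456 ms. */
	const int64_t driver_last_ms = 123456;
	/* Constructed caller inputs; the last one is the crafted wrap-inducing value. */
	const int64_t inputs[] = { 0, 123455, 123456, 200000, INT64_MIN };

	printf("%22s  %s  %s\n", "caller timestamp", "before", "after");
	for (size_t i = 0; i < sizeof(inputs) / sizeof(inputs[0]); i++) {
		struct timed_media_change_info before = { inputs[i], 0 };
		struct timed_media_change_info after  = { inputs[i], 0 };

		handle_timed_media_change(&before, driver_last_ms, 0);
		handle_timed_media_change(&after,  driver_last_ms, 1);
		printf("%22lld  %6llu  %5llu\n", (long long)inputs[i],
		       (unsigned long long)before.media_flags,
		       (unsigned long long)after.media_flags);
	}
	return 0;
}
```

For every ordinary input both versions agree; only the crafted INT64_MIN timestamp separates them, where the pre-fix subtraction wraps positive and reports "no change" although the caller's timestamp is older than the driver's. That is the whole observable effect of the bug, and the post-fix comparison needs no arithmetic to get it right.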
Recommendations
Update to Linux kernel 6.6.43 or later, or to the stable release for your distribution that carries the fix. Until the fixed kernel is deployed, restrict access to the CD-ROM device nodes, and therefore to the cdrom ioctl interface including CDROM_TIMED_MEDIA_CHANGE, to trusted users, or do not load the cdrom module on systems that have no optical drive. Avoid the deprecated SCSI ioctl interface and use SG_IO instead.
Weakness Enumeration
Integer Overflow (CWE-190: Integer Overflow or Wraparound)
Affected Products
Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu