PT-2024-7325 · Linux+9 · Linux Kernel+9

Published

2024-01-25

·

Updated

2026-05-26

·

CVE-2024-26720

CVSS v2.0

4.6

Medium

VectorAV:L/AC:L/Au:S/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: The issue is related to a possible divide-by-zero error in the wb dirty limits() function. This error occurs because the thresh value, which is an unsigned long, is passed as a u32 divisor argument to div u64(). On architectures where unsigned long is 64 bytes, the argument will be implicitly truncated. To fix this, div64 u64() is used instead of div u64() to ensure the value used in the "is this a safe division" check is the same as the divisor. The vulnerability is difficult to exploit in the memcg domain but easier in the global writeback domain with a BDI CAP STRICTLIMIT-backing device.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Divide By Zero

Weakness Enumeration

CWE-369

Related Identifiers

ALSA-2024:6567
ALSA-2024:7000
ALSA-2024:7001
BDU:2024-08680
CESA-2024_7000
CESA-2024_7001
CVE-2024-26720
DLA-3840-1
DLA-3842-1
DSA-5658-1
DSA-5681-1
INFSA-2024_6567
INFSA-2024_7000
INFSA-2024_7001
OESA-2024-1617
OESA-2024-1618
OESA-2024-1622
OESA-2024-1647
OESA-2024-1648
OESA-2024-1649
OPENSUSE-SU-2024_2372-1
OPENSUSE-SU-2024_2394-1
RHSA-2024:4533
RHSA-2024:4554
RHSA-2024:6206
RHSA-2024:6567
RHSA-2024:7000
RHSA-2024:7001
RHSA-2024_6567
RHSA-2024_7000
RHSA-2024_7001
RLSA-2024:6567
RLSA-2024:7001
RXSA-2024:6567
SUSE-SU-2024:2360-1
SUSE-SU-2024:2372-1
SUSE-SU-2024:2381-1
SUSE-SU-2024:2394-1
SUSE-SU-2024:2561-1
SUSE-SU-2024:2939-1
USN-6766-1
USN-6766-2
USN-6766-3
USN-6767-1
USN-6767-2
USN-6795-1
USN-6828-1
USN-6865-1
USN-6866-1
USN-6866-2
USN-6866-3
USN-6895-1
USN-6895-2
USN-6895-3
USN-6895-4
USN-6900-1

Affected Products

Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu