CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2024-57875: block: RCU protect disk->conv_zones_bitmap

Description

In the Linux kernel, the following vulnerability has been resolved:

block: RCU protect disk->conv_zones_bitmap

Ensure that a disk revalidation changing the conventional zones bitmap
of a disk does not cause invalid memory references when using the
disk_zone_is_conv() helper by RCU protecting the disk->conv_zones_bitmap
pointer.

disk_zone_is_conv() is modified to operate under the RCU read lock and
the function disk_set_conv_zones_bitmap() is added to update a disk
conv_zones_bitmap pointer using rcu_replace_pointer() with the disk
zone_wplugs_lock spinlock held.

disk_free_zone_resources() is modified to call
disk_update_zone_resources() with a NULL bitmap pointer to free the disk
conv_zones_bitmap. disk_set_conv_zones_bitmap() is also used in
disk_update_zone_resources() to set the new (revalidated) bitmap and
free the old one.

Classification

CVE ID: CVE-2024-57875

Affected Products

Vendor: Linux

Product: Linux

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 11.47% (scored less or equal to compared to others)

EPSS Date: 2025-02-09 (when was this score calculated)

References

https://git.kernel.org/stable/c/493326c4f10cc71a42c27fdc97ce112182ee4cbc
https://git.kernel.org/stable/c/d7cb6d7414ea1b33536fa6d11805cb8dceec1f97

Timeline

2025-01-12 00:30:41 UTC
CVE

block: RCU protect disk->conv_zones_bitmap
2025-03-06 09:45:30 UTC
Tenable Plugins

Linux Distros Unpatched Vulnerability : CVE-2024-57875