CVE-2024-35925

In the Linux kernel, the following vulnerability has been resolved: block: prevent division by zero in blk_rq_stat_sum() The expression dst->nr_samples + src->nr_samples may have zero value on overflow. It is necessary to add a check to avoid division by zero. Found by Linux Verification Center (linuxtesting.org) with Svace.

CVSS v3.0 5.5 MEDIUM

5.5^/10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/21e7d72d0cfcbae6042d498ea2e6f395311767f8	Patch
https://git.kernel.org/stable/c/21e7d72d0cfcbae6042d498ea2e6f395311767f8	Patch
https://git.kernel.org/stable/c/512a01da7134bac8f8b373506011e8aaa3283854	Patch
https://git.kernel.org/stable/c/512a01da7134bac8f8b373506011e8aaa3283854	Patch
https://git.kernel.org/stable/c/5f7fd6aa4c4877d77133ea86c14cf256f390b2fe	Patch
https://git.kernel.org/stable/c/5f7fd6aa4c4877d77133ea86c14cf256f390b2fe	Patch
https://git.kernel.org/stable/c/6a55dab4ac956deb23690eedd74e70b892a378e7	Patch
https://git.kernel.org/stable/c/6a55dab4ac956deb23690eedd74e70b892a378e7	Patch
https://git.kernel.org/stable/c/93f52fbeaf4b676b21acfe42a5152620e6770d02	Patch
https://git.kernel.org/stable/c/93f52fbeaf4b676b21acfe42a5152620e6770d02	Patch
https://git.kernel.org/stable/c/98ddf2604ade2d954bf5ec193600d5274a43fd68	Patch
https://git.kernel.org/stable/c/98ddf2604ade2d954bf5ec193600d5274a43fd68	Patch
https://git.kernel.org/stable/c/b0cb5564c3e8e0ee0a2d28c86fa7f02e82d64c3c	Patch
https://git.kernel.org/stable/c/b0cb5564c3e8e0ee0a2d28c86fa7f02e82d64c3c	Patch
https://git.kernel.org/stable/c/edd073c78d2bf48c5b8bf435bbc3d61d6e7c6c14	Patch
https://git.kernel.org/stable/c/edd073c78d2bf48c5b8bf435bbc3d61d6e7c6c14	Patch
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html	Mailing List
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html	Mailing List

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

History

31 Dec 2024, 18:51

Type	Values Removed	Values Added
References		() https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html - Mailing List () https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html - Mailing List
References	~~() https://git.kernel.org/stable/c/93f52fbeaf4b676b21acfe42a5152620e6770d02 -~~	() https://git.kernel.org/stable/c/93f52fbeaf4b676b21acfe42a5152620e6770d02 - Patch
References	~~() https://git.kernel.org/stable/c/512a01da7134bac8f8b373506011e8aaa3283854 -~~	() https://git.kernel.org/stable/c/512a01da7134bac8f8b373506011e8aaa3283854 - Patch
References	~~() https://git.kernel.org/stable/c/edd073c78d2bf48c5b8bf435bbc3d61d6e7c6c14 -~~	() https://git.kernel.org/stable/c/edd073c78d2bf48c5b8bf435bbc3d61d6e7c6c14 - Patch
References	~~() https://git.kernel.org/stable/c/b0cb5564c3e8e0ee0a2d28c86fa7f02e82d64c3c -~~	() https://git.kernel.org/stable/c/b0cb5564c3e8e0ee0a2d28c86fa7f02e82d64c3c - Patch
References	~~() https://git.kernel.org/stable/c/5f7fd6aa4c4877d77133ea86c14cf256f390b2fe -~~	() https://git.kernel.org/stable/c/5f7fd6aa4c4877d77133ea86c14cf256f390b2fe - Patch
References	~~() https://git.kernel.org/stable/c/21e7d72d0cfcbae6042d498ea2e6f395311767f8 -~~	() https://git.kernel.org/stable/c/21e7d72d0cfcbae6042d498ea2e6f395311767f8 - Patch
References	~~() https://git.kernel.org/stable/c/98ddf2604ade2d954bf5ec193600d5274a43fd68 -~~	() https://git.kernel.org/stable/c/98ddf2604ade2d954bf5ec193600d5274a43fd68 - Patch
References	~~() https://git.kernel.org/stable/c/6a55dab4ac956deb23690eedd74e70b892a378e7 -~~	() https://git.kernel.org/stable/c/6a55dab4ac956deb23690eedd74e70b892a378e7 - Patch
CPE		cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:debian:debian_linux:10.0:::::::*
CWE		CWE-369
First Time		Debian debian Linux Debian Linux linux Kernel Linux
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5

05 Nov 2024, 10:16

Type	Values Removed	Values Added
References	~~{'url': 'https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html', 'name': 'https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html', 'tags': [], 'refsource': ''}~~ ~~{'url': 'https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html', 'name': 'https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html', 'tags': [], 'refsource': ''}~~

27 Jun 2024, 13:15

Type	Values Removed	Values Added
References		() https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html -

25 Jun 2024, 22:15

Type	Values Removed	Values Added
References		() https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html -

19 May 2024, 11:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-05-19 11:15

Updated : 2024-12-31 18:51

NVD link : CVE-2024-35925

Mitre link : CVE-2024-35925

JSON object : View

Products Affected

linux

linux_kernel

debian

debian_linux

CWE

CWE-369

Divide By Zero

5.5 /10