CVE-2024-43890
- Source
- https://cve.org/CVERecord?id=CVE-2024-43890
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-43890.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-43890
- Downstream
- Related
- Published
- 2024-08-26T10:10:43.547Z
- Modified
- 2026-03-20T12:38:52.591112Z
- Summary
- tracing: Fix overflow in get_free_elt()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
tracing: Fix overflow in getfreeelt()
"tracingmap->nextelt" in getfreeelt() is at risk of overflowing.
Once it overflows, new elements can still be inserted into the tracingmap even though the maximum number of elements (
max_elts) has been reached. Continuing to insert elements after the overflow could result in the tracingmap containing "tracingmap->maxsize" elements, leaving no empty entries. If any attempt is made to insert an element into a full tracing_map using__tracing_map_insert(), it will cause an infinite loop with preemption disabled, leading to a CPU hang problem.Fix this by preventing any further increments to "tracingmap->nextelt" once it reaches "tracingmap->maxelt".
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/43xxx/CVE-2024-43890.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/236bb4690773ab6869b40bedc7bc8d889e36f9d6
- https://git.kernel.org/stable/c/302ceb625d7b990db205a15e371f9a71238de91c
- https://git.kernel.org/stable/c/788ea62499b3c18541fd6d621964d8fafbc4aec5
- https://git.kernel.org/stable/c/a172c7b22bc2feaf489cfc6d6865f7237134fdf8
- https://git.kernel.org/stable/c/bcf86c01ca4676316557dd482c8416ece8c2e143
- https://git.kernel.org/stable/c/cd10d186a5409a1fe6e976df82858e9773a698da
- https://git.kernel.org/stable/c/d3e4dbc2858fe85d1dbd2e72a9fc5dea988b5c18
- https://git.kernel.org/stable/c/eb223bf01e688dfe37e813c8988ee11c8c9f8d0a
- https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/43xxx/CVE-2024-43890.json
- https://nvd.nist.gov/vuln/detail/CVE-2024-43890
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced08d43a5fa063e03c860f2f391a30c388bcbc948eFixed302ceb625d7b990db205a15e371f9a71238de91cFixedd3e4dbc2858fe85d1dbd2e72a9fc5dea988b5c18Fixedeb223bf01e688dfe37e813c8988ee11c8c9f8d0aFixedcd10d186a5409a1fe6e976df82858e9773a698daFixed788ea62499b3c18541fd6d621964d8fafbc4aec5Fixeda172c7b22bc2feaf489cfc6d6865f7237134fdf8Fixed236bb4690773ab6869b40bedc7bc8d889e36f9d6Fixedbcf86c01ca4676316557dd482c8416ece8c2e143