CVE-2024-49933
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-49933
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-49933.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-49933
- Downstream
- Related
- Published
- 2024-10-21T18:01:55.087Z
- Modified
- 2025-11-28T02:34:03.429349Z
- Summary
- blk_iocost: fix more out of bound shifts
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
blk_iocost: fix more out of bound shifts
Recently running UBSAN caught few out of bound shifts in the iocforgivedebts() function:
UBSAN: shift-out-of-bounds in block/blk-iocost.c:2142:38 shift exponent 80 is too large for 64-bit type 'u64' (aka 'unsigned long long') ... UBSAN: shift-out-of-bounds in block/blk-iocost.c:2144:30 shift exponent 80 is too large for 64-bit type 'u64' (aka 'unsigned long long') ... Call Trace: <IRQ> dumpstacklvl+0xca/0x130 _ubsanhandleshiftoutofbounds+0x22c/0x280 ? _lockacquire+0x6441/0x7c10 ioctimerfn+0x6cec/0x7750 ? blkiocostinit+0x720/0x720 ? calltimerfn+0x5d/0x470 calltimerfn+0xfa/0x470 ? blkiocostinit+0x720/0x720 _runtimer_base+0x519/0x700 ...
Actual impact of this issue was not identified but I propose to fix the undefined behaviour. The proposed fix to prevent those out of bound shifts consist of precalculating exponent before using it the shift operations by taking min value from the actual exponent and maximum possible number of bits.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/49xxx/CVE-2024-49933.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/1ab2cfe19700fb3dde4c7dfec392acff34db3120
- https://git.kernel.org/stable/c/1b120f151871eb47ce9f283c007af3f8ae1d990e
- https://git.kernel.org/stable/c/1f61d509257d6a05763d05bf37943b35306522b1
- https://git.kernel.org/stable/c/364022095bdd4108efdaaa68576afa4712a5d085
- https://git.kernel.org/stable/c/59121bb38fdc01434ea3fe361ee02b59f036227f
- https://git.kernel.org/stable/c/9bce8005ec0dcb23a58300e8522fe4a31da606fa
- https://git.kernel.org/stable/c/f4ef9bef023d5c543cb0f3194ecacfd47ef590ec
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/49xxx/CVE-2024-49933.json
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
- https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html
- https://nvd.nist.gov/vuln/detail/CVE-2024-49933
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedbec02dbbafad534674309f8b948094900f456797Fixed1f61d509257d6a05763d05bf37943b35306522b1Fixedf4ef9bef023d5c543cb0f3194ecacfd47ef590ecFixed59121bb38fdc01434ea3fe361ee02b59f036227fFixed1ab2cfe19700fb3dde4c7dfec392acff34db3120Fixed1b120f151871eb47ce9f283c007af3f8ae1d990eFixed364022095bdd4108efdaaa68576afa4712a5d085Fixed9bce8005ec0dcb23a58300e8522fe4a31da606fa
Linux / Kernel
Package
- Name
- Kernel
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced5.10.0Fixed5.10.227
- Type
- ECOSYSTEM
- Events
-
Introduced5.11.0Fixed5.15.168
- Type
- ECOSYSTEM
- Events
-
Introduced5.16.0Fixed6.1.113
- Type
- ECOSYSTEM
- Events
-
Introduced6.2.0Fixed6.6.55
- Type
- ECOSYSTEM
- Events
-
Introduced6.7.0Fixed6.10.14
- Type
- ECOSYSTEM
- Events
-
Introduced6.11.0Fixed6.11.3