Memory Reference Vulnerability in Linux Kernel Affecting Disk Management
CVE-2024-57875
Summary
A vulnerability in the Linux kernel relates to improper handling of disk revalidation processes. Specifically, it addresses the conventional zones bitmap of a disk, ensuring that changes do not lead to invalid memory references. Updates involve securing the disk->conv_zones_bitmap pointer with Read-Copy-Update (RCU) protection, allowing the disk_zone_is_conv() helper to operate under an RCU read lock. Moreover, the introduction of disk_set_conv_zones_bitmap() facilitates the safe update of the bitmap while accommodating potential changes without leading to resource mishandling. Key modifications include adjustments in disk_free_zone_resources() to ensure correct allocation and memory integrity, thereby enhancing the overall security posture of disk management operations within the Linux environment.
Affected Version(s)
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 493326c4f10cc71a42c27fdc97ce112182ee4cbc
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Linux 6.12.5 <= 6.12.*
References
Timeline
Vulnerability published
Vulnerability Reserved