| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025100109-CVE-2025-39909-202c@gregkh> Date: Wed, 1 Oct 2025 09:47:14 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2025-39909: mm/damon/lru_sort: avoid divide-by-zero in damon_lru_sort_apply_parameters() From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: mm/damon/lru_sort: avoid divide-by-zero in damon_lru_sort_apply_parameters() Patch series "mm/damon: avoid divide-by-zero in DAMON module's parameters application". DAMON's RECLAIM and LRU_SORT modules perform no validation on user-configured parameters during application, which may lead to division-by-zero errors. Avoid the divide-by-zero by adding validation checks when DAMON modules attempt to apply the parameters. This patch (of 2): During the calculation of 'hot_thres' and 'cold_thres', either 'sample_interval' or 'aggr_interval' is used as the divisor, which may lead to division-by-zero errors. Fix it by directly returning -EINVAL when such a case occurs. Additionally, since 'aggr_interval' is already required to be set no smaller than 'sample_interval' in damon_set_attrs(), only the case where 'sample_interval' is zero needs to be checked. The Linux kernel CVE team has assigned CVE-2025-39909 to this issue. Affected and fixed versions =========================== Issue introduced in 6.0 with commit 40e983cca9274e177bd5b9379299b44d9536ac68 and fixed in 6.1.153 with commit 74e391f7da7d9d5235a3cca88ee9fc18f720c75b Issue introduced in 6.0 with commit 40e983cca9274e177bd5b9379299b44d9536ac68 and fixed in 6.6.107 with commit 7bb675c9f0257840d33e5d1337d7e3afdd74a6bf Issue introduced in 6.0 with commit 40e983cca9274e177bd5b9379299b44d9536ac68 and fixed in 6.12.48 with commit af0ae62b935317bed1a1361c8c9579db9d300e70 Issue introduced in 6.0 with commit 40e983cca9274e177bd5b9379299b44d9536ac68 and fixed in 6.16.8 with commit 326a4b3750c71af3f3c52399ec4dbe33b6da4c26 Issue introduced in 6.0 with commit 40e983cca9274e177bd5b9379299b44d9536ac68 and fixed in 6.17 with commit 711f19dfd783ffb37ca4324388b9c4cb87e71363 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2025-39909 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: mm/damon/lru_sort.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/74e391f7da7d9d5235a3cca88ee9fc18f720c75b https://git.kernel.org/stable/c/7bb675c9f0257840d33e5d1337d7e3afdd74a6bf https://git.kernel.org/stable/c/af0ae62b935317bed1a1361c8c9579db9d300e70 https://git.kernel.org/stable/c/326a4b3750c71af3f3c52399ec4dbe33b6da4c26 https://git.kernel.org/stable/c/711f19dfd783ffb37ca4324388b9c4cb87e71363
Powered by blists - more mailing lists