AZL-52941

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-52941.json

JSON Data

https://api.osv.dev/v1/vulns/AZL-52941

Upstream

CVE-2024-49933

Published

2024-10-21T18:15:15Z

Modified

2026-04-21T04:33:33.178094Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

CVE-2024-49933 affecting package kernel for versions less than 5.15.173.1-1

Details

In the Linux kernel, the following vulnerability has been resolved:

blk_iocost: fix more out of bound shifts

Recently running UBSAN caught few out of bound shifts in the iocforgivedebts() function:

UBSAN: shift-out-of-bounds in block/blk-iocost.c:2142:38 shift exponent 80 is too large for 64-bit type 'u64' (aka 'unsigned long long') ... UBSAN: shift-out-of-bounds in block/blk-iocost.c:2144:30 shift exponent 80 is too large for 64-bit type 'u64' (aka 'unsigned long long') ... Call Trace: <IRQ> dumpstacklvl+0xca/0x130 __ubsanhandleshift_outofbounds+0x22c/0x280 ? __lockacquire+0x6441/0x7c10 ioctimer_fn+0x6cec/0x7750 ? blkiocostinit+0x720/0x720 ? calltimerfn+0x5d/0x470 calltimerfn+0xfa/0x470 ? blkiocostinit+0x720/0x720 __runtimerbase+0x519/0x700 ...

Actual impact of this issue was not identified but I propose to fix the undefined behaviour. The proposed fix to prevent those out of bound shifts consist of precalculating exponent before using it the shift operations by taking min value from the actual exponent and maximum possible number of bits.

References

https://nvd.nist.gov/vuln/detail/CVE-2024-49933

Affected packages

Azure Linux:2 / kernel

Package

Name: kernel
Purl: pkg:rpm/azure-linux/kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.15.173.1-1

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-52941.json"